CVE-2019-3586

moderate-risk

Published 2019-05-15

Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.

Do I need to act?

0.27% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / HIGH complexity

Affected Products (2)

Endpoint Security

Affected Vendors

Mcafee

References (4)

http://www.securityfocus.com/bid/108416

https://kc.mcafee.com/corporate/index?page=content&id=SB10280

http://www.securityfocus.com/bid/108416

https://kc.mcafee.com/corporate/index?page=content&id=SB10280

/ 100

moderate-risk

Severity 22/34 · High

Exploitability 1/34 · Minimal

Exposure 7/34 · Low