CVEs-PoC/2020/CVE-2020-7261.md

### [CVE-2020-7261](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7261)
![](https://img.shields.io/static/v1?label=Product&message=McAfee%20Endpoint%20Security%20(ENS)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=10.x%3C%2010.7.0%20April%202020%20Update%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-119%20Improper%20Restriction%20of%20Operations%20within%20the%20Bounds%20of%20a%20Memory%20Buffer&color=brighgreen)

### Description

Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input.

### POC

#### Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10309

#### Github
No PoCs found on GitHub currently.