TR-20-328 (McAfee Zafiyeti)

Genel Bilgi

McAfee Endpoint Security ürününde kritik Yetki Yükseltme ve ACE zafiyetleri tespit edildi.

Etki

Birden çok mevcut güvenlik açıklığı nedeniyle, siber saldırganlar tarafından hedef alınan sistemlerde zafiyete sebebiyet verebilmektedir. Bu zafiyetin ileriki zamanlarda zararlı yazılım yaymakta da kullanılabileceği öngörülmektedir. CVE-2020-7264, CVE-2020-7265, CVE-2020-7266, CVE-2020-7267, CVE-2020-7285, CVE-2020-7286, CVE-2020-7287, CVE-2020-7288, CVE-2020-7289, CVE-2020-7290 ve CVE-2020-7291 .

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), sistem yöneticilerine; McAfee güncellemelerini ivedilikle yapmalarını önermektedir.

Kaynaklar

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7264

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7265

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7266

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7267

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7285

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7286

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7287

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7288

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7289

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7264

2020-05-11