Vulnerability Database

314,452

Total vulnerabilities in the database

CVE-2019-3653

Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.

Published: Oct 9, 2019
Updated: Nov 9, 2025
CVE: CVE-2019-3653
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.6
AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
mcafee / endpoint_security	10.5.0	10.5.5.x
mcafee / endpoint_security	10.6.0	10.6.1
mcafee / endpoint_security	10.16.1	10.16.1.x

https://kc.mcafee.com/corporate/index?page=content&id=SB10299

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo