Published by Contact For Service Leave your thoughts

Intel Security’s McAfee has unveiled a security patch for the major SQL injection fault in ePO or ePolicy Orchestrator; its admin support used to accomplish antivirus and software on tens of millions of professional devices across the world. The critical issue is that anyone can send an individually crafted HTTP POST in the SQL query over the web that creates an ePO database to leak enough info to profile users or monitor IT setup. Using an HTTP client, any attacker can cause that vulnerable, and therefore you should instantly call at the McAfee customer support number for appropriate solutions.

ePO is mainly used by more than 30,000 business users globally, and it’s responsible for protecting 60 million devices. McAfee has specified the bug the maximum CVSS v3 Base Score of 10.0, observing that the bug isn’t difficult to exploit and doesn’t need any user rights or interaction. The infected products contain ePO 5.1.3 and prior and ePO 5.3.2 and earlier. The company has unveiled hotfix files to address that problem.

Security admins use the ePO support to centrally accomplish security software policies through program agents that are installed on endpoint devices. The bug can also be used to copy these agents and create information revelation. The specified role of ePO in managing endpoint of the security program that is prone to be a primary target for malicious attackers. It obliges as yet another reminder that malfunctions in security program can expand the area of user attack.

Vulnerabilities like that can let deep insight into the organization without an attacker needing any limited access to incorporated platforms like Active Directory, and using that access anyone can characterize users and the infrastructure quietly. The vulnerability lies in the McAfee server for the ePO’s Apace Tomcat-based admin management suite. The server can be accessed directly through the console, or the custom protocol, which is known as SPIPE that make communication between the console and agents.

For reducing that attack, ePO users can close the direct access to the console and restrict it to SPIPE. To make sure that an attacker doesn’t have direct access to that vulnerability and has to use the SPIPE as an agent instead, check that the port 8443 that the McAfee ePolicy Orchestrator Console is assured to be isolated by agents and can just access by Administrators. As a user of McAfee ePO antivirus if you have faced that security fault, speak with the experts at McAfee tech support phone number to get it fixed quickly.