Improper Access Control
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 126.96.36.199, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (188.8.131.523), Data Exchange Layer 2.x (DXL) before 184.108.40.206.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 220.127.116.1124, and VirusScan Enterprise (VSE) 8.8 before P7 (18.104.22.1688) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.
CWE-284 - Improper Access Control
Listed 5th in the 'OWASP Top Ten', improper (or broken) access control attacks are a fundamental type of vulnerability. This includes a broad range of design flaws that enable users to act outside of their intended permissions. They can use these privileges to gain access to restricted files and functionality such as accessing restricted information, falsifying records, destroying data, or executing commands.