HIGH🇬🇧 English

CVE-2020-7264

CVSS 8.8v3.1pub. 2020-05-08upd. 2024-11-21

Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Mcafee Endpoint Security

    APP
    Mcafee
    10.6.010.7.010.5.0 – 10.5.5 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
LPE
CWE
Referencje

Powiązane podatności

CVE-2021-31843HIGH7.3ten sam produkt

Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 Septemb...

CVE-2021-23882HIGH8.2ten sam produkt

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2...

CVE-2021-23878HIGH7.3ten sam produkt

Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Wind...

CVE-2020-7332HIGH7.0ten sam produkt

Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior...

CVE-2020-7331HIGH7.8ten sam produkt

Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows...