CVE-2020-7319

CWE-593 documents3 sources
Severity
8.8HIGH
EPSS
0.1%
top 83.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mcafee LLC Endpoint Security FOR WindowsMcafee Endpoint Security
Timeline
PublishedSep 9
Latest updateMay 24

Description

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages2 packages

CVEListV5mcafee_llc/endpoint_security_for_windows10.7.x10.7.0 September 2020 Update

🔴Vulnerability Details

2
GHSA
GHSA-3997-6wvq-mg36: Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 102022-05-24
CVEList
Improper Access Control Vulnerability in ENS for Windows2020-09-09
CVE-2020-7319 (HIGH CVSS 8.8) | Improper Access Control vulnerabili | cvebase.io