CVE-2020-7331

CWE-4283 documents3 sources
Severity
7.8HIGH
EPSS
0.2%
top 62.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mcafee Endpoint SecurityMcafee, LLC Mcafee Endpoint Security (ens)
Timeline
PublishedNov 12
Latest updateMay 24

Description

Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5mcafee,_llc/mcafee_endpoint_security_(ens)prior to 10.7.0 November 2020 Update

🔴Vulnerability Details

2
GHSA
GHSA-w44x-f7wx-v7m6: Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 102022-05-24
CVEList
Unquoted service executable path in McAfee Endpoint Security (ENS)2020-11-12
CVE-2020-7331 (HIGH CVSS 7.8) | Unquoted service executable path in | cvebase.io