CVE-2020-7279

Summary

DLL Search Order Hijacking Vulnerability in the installer component of McAfee Host Intrusion Prevention System (Host IPS) for Windows prior to 8.0.0 Patch 15 Update allows attackers with local access to execute arbitrary code via execution from a compromised folder.

Affected Software

VendorProductVersion RangeStatus
McAfee, LLCMcAfee Host Intrusion Prevention System (Host IPS) for Windows8.0.x < 8.0.0 Patch 15 updateaffected

Weaknesses

  • CWE-426: CWE-426: Untrusted Search Path

ADP Enrichment

CVE Program Container

Additional References

References