CVE-2020-7299

Summary

Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key (TK) prior to 6.2.109.2 allows a local user logged in with administrative privileges to access to another user’s passwords on the same machine via triggering a process dump in specific situations.

Affected Software

VendorProductVersion RangeStatus
McAfee,LLCMcAfee True Key Windows client6.x < 6.2.110.8affected

Weaknesses

  • CWE-522: CWE-522: Insufficiently Protected Credentials

ADP Enrichment

CVE Program Container

Additional References

References