CVE-2020-7319
8.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| McAfee LLC | Endpoint Security for Windows | 10.7.x < 10.7.0 September 2020 Update | affected |
Weaknesses
- CWE-59: CWE-59: Improper Link Resolution Before File Access ('Link Following')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.