CVE-2020-7327

Summary

Improperly implemented security check in McAfee MVISION Endpoint Detection and Response Client (MVEDR) prior to 3.2.0 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MVEDR failing open rather than closed

Affected Software

VendorProductVersion RangeStatus
McAfee,LLCMcAfee MVISION Endpoint Detection and Response3.x < 3.2.0affected

Weaknesses

  • CWE-290: CWE-290 Authentication Bypass by Spoofing

ADP Enrichment

CVE Program Container

Additional References

References