CVE-2020-7311

Published: Sep 10, 2020Modified: Nov 21, 2024

7.0

Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.0 / Impact: 5.9

Source: NVD

Description

Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files.

Affected (1)

Products: Mcafee: Mcafee Agent

Mcafee

1 product

Mcafee Agent

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mcafee Mcafee Agent	Before 5.6.6

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://kc.mcafee.com/corporate/index?page=content&id=SB10325

Source: trellixpsirt@trellix.com

https://kc.mcafee.com/corporate/index?page=content&id=SB10325

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.