CVE-2020-7266
Last modified
CVE-2020-7266 is a high-severity vulnerability rated 8.4/10 on the CVSS scale. Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.. EPSS estimates a 0.25% chance of exploitation in the next 30 days.
Description
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Mcafee | Virusscan Enterprise | >= 1.9.0, < 1.9.2 |
| Mcafee | Virusscan Enterprise | >= 2.0.0, < 2.0.3 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-7266?
How severe is CVE-2020-7266?
How do I fix CVE-2020-7266?
Are you affected by CVE-2020-7266?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST