CVE-2020-7335

Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by creating a junction link. This exploits a lack of protection through a timing issue and is only exploitable in a small time window.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mcafee:total_protection:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:37

Type Values Removed Values Added
CVSS v2 : 4.4
v3 : 7.8
v2 : 4.4
v3 : 7.5
References () http://service.mcafee.com/FAQDocument.aspx?&id=TS103089 - () http://service.mcafee.com/FAQDocument.aspx?&id=TS103089 -
References () https://www.zerodayinitiative.com/advisories/ZDI-20-1388/ - () https://www.zerodayinitiative.com/advisories/ZDI-20-1388/ -

07 Nov 2023, 03:26

Type Values Removed Values Added
CWE CWE-269
References (CONFIRM) http://service.mcafee.com/FAQDocument.aspx?&id=TS103089 - Vendor Advisory () http://service.mcafee.com/FAQDocument.aspx?&id=TS103089 -
References (MISC) https://www.zerodayinitiative.com/advisories/ZDI-20-1388/ - Third Party Advisory () https://www.zerodayinitiative.com/advisories/ZDI-20-1388/ -

Information

Published : 2020-12-01 09:15

Updated : 2024-11-21 05:37


NVD link : CVE-2020-7335

Mitre link : CVE-2020-7335

CVE.ORG link : CVE-2020-7335


JSON object : View

Products Affected

mcafee

  • total_protection
CWE
CWE-269

Improper Privilege Management