Improper access control vulnerability in McAfee Agent
CVE-2020-7253

5.7MEDIUM

Key Information:

Vendor: Mcafee, Llc
Status: Mcafee Agent (ma)
Vendor: CVE Published:; 12 March 2020

🔔 Create Mcafee, Llc Vulnerability Alert

What is CVE-2020-7253?

Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local users with administrator privileges to disable self-protection via a McAfee supplied command-line utility.

Affected Version(s)

McAfee Agent (MA) 5.6.x < 5.6.4

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2020
Vulnerability Reserved
Jan 21, 2020