Privilege Escalation vulnerability in MA for Windows
CVE-2020-7311

7.8HIGH

Key Information:

Vendor: Mcafee Llc
Status: Ma For Windows
Vendor: CVE Published:; 10 September 2020

What is CVE-2020-7311?

Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files.

Affected Version(s)

MA for Windows 5.6.x < 5.6.6

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 10, 2020
Vulnerability Reserved
Jan 21, 2020

Credit

McAfee credits Sebastian Schuster from Airbus CyberSecurity for responsibly reporting this flaw.

Mcafee Llc

What is CVE-2020-7311?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit