DLL Injection vulnerability in MA for Windows
CVE-2020-7315

6MEDIUM

Key Information:

Vendor: Mcafee Llc
Status: Ma For Windows
Vendor: CVE Published:; 10 September 2020

Summary

DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL.

Affected Version(s)

MA for Windows 5.6.x < 5.6.6

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 10, 2020
Vulnerability Reserved
Jan 21, 2020

Credit

McAfee credits Clément Notin for responsibly reporting this flaw.