File and Removable Media Protection update fixes one vulnerability

CVE-2020-7316

6.6MEDIUM

Key Information

Vendor: Mcafee
Status: File & Removable Media Protection (frp)
Vendor: CVE Published:; 7 October 2020

Summary

Unquoted service path vulnerability in McAfee File and Removable Media Protection (FRP) prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. This issue may result in files not being encrypted when a policy is triggered.

Affected Version(s)

File & Removable Media Protection (FRP) < 5.3.0

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_MISC

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 7, 2020
Vulnerability Reserved
Jan 21, 2020

Collectors

NVD DatabaseMitre Database