CVE-2020-7279
MEDIUMMcAfee Host Intrusion Prevention < 8.0.0 Patch 15 Update - DLL Search Order Hijacking in Installer
Title source: llmDescription
DLL Search Order Hijacking Vulnerability in the installer component of McAfee Host Intrusion Prevention System (Host IPS) for Windows prior to 8.0.0 Patch 15 Update allows attackers with local access to execute arbitrary code via execution from a compromised folder.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10320
Scores
CVSS v3
4.6
EPSS
0.0018
EPSS Percentile
38.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:N
Details
CWE
CWE-426
Status
published
Products (1)
mcafee/host_intrusion_prevention
8.0.0 (16 CPE variants)
Published
Jun 10, 2020
Tracked Since
Feb 18, 2026