CVE-2020-7283

HIGH

McAfee Total Protection < 16.0.R26 - Privilege Escalation via Symbolic Link Manipulation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-7283. PoCs published by RedyOpsResearchLabs.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2020-7283, an escalation of privilege (EoP) vulnerability in McAfee Total Protection (MTP) 16.0.R26. The exploit leverages symbolic link manipulation to achieve privilege escalation, based on James Forshaw's symboliclink-testing-tools.

Description

Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine.

Exploits (1)

nomisec WORKING POC 13 stars
by RedyOpsResearchLabs · poc
https://github.com/RedyOpsResearchLabs/CVE-2020-7283-McAfee-Total-Protection-MTP-16.0.R26-EoP

This repository contains a functional exploit for CVE-2020-7283, an escalation of privilege (EoP) vulnerability in McAfee Total Protection (MTP) 16.0.R26. The exploit leverages symbolic link manipulation to achieve privilege escalation, based on James Forshaw's symboliclink-testing-tools.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: McAfee Total Protection (MTP) 16.0.R26
Auth required
Prerequisites: Local access to the target system · Low-privileged user account
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 7.5
EPSS 0.0062
EPSS Percentile 45.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H

Details

CWE
CWE-269 CWE-274
Status published
Products (1)
mcafee/total_protection < 16.0.r26
Published Jul 03, 2020
Tracked Since Feb 18, 2026