CVE-2020-7310

MEDIUM

McAfee Total Protection < 4.0.161.1 - Privilege Escalation via Symbolic Link Manipulation

Title source: llm
STIX 2.1

Description

Privilege Escalation vulnerability in the installer in McAfee McAfee Total Protection (MTP) trial prior to 4.0.161.1 allows local users to change files that are part of write protection rules via manipulating symbolic links to redirect a McAfee file operations to an unintended file.

References (1)

Core 1
Core References
Various Sources x_refsource_confirm
http://service.mcafee.com/FAQDocument.aspx?&id=TS103067

Scores

CVSS v3 6.9
EPSS 0.0004
EPSS Percentile 11.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:H

Details

CWE
CWE-269
Status published
Products (1)
mcafee/total_protection < 4.0.161.1
Published Aug 21, 2020
Tracked Since Feb 18, 2026