CVE-2020-7325
MEDIUMMcAfee MVISION Endpoint < 20.9 - Privilege Escalation via Symbolic Link Manipulation
Title source: llmDescription
Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10328
Scores
CVSS v3
5.5
EPSS
0.0005
EPSS Percentile
14.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-59
Status
published
Products (1)
mcafee/mvision_endpoint
< 20.9
Published
Sep 09, 2020
Tracked Since
Feb 18, 2026