CVE-2020-7266

Privilege Escalation vulnerability through symbolic links in VSE for Windows

Severity Score

8.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.

Una vulnerabilidad de Escalada de Privilegios en McAfee VirusScan Enterprise (VSE) para Windows versiones anteriores a 8.8 Parche 14 Hotfix 116778, permite a usuarios locales eliminar archivos a los que de otro modo el usuario no tendría acceso por medio de la manipulación de enlaces simbólicos para redireccionar una acción de eliminación de McAfee hacia un archivo no deseado. Esto es logrado por medio de la ejecución de un script o programa malicioso en la máquina objetivo.

*Credits: Rack911 Labs discovered this vulnerability.

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-01-21 CVE Reserved
2020-05-08 CVE Published
2023-03-08 EPSS Updated
2024-09-17 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-269: Improper Privilege Management
CWE-274: Improper Handling of Insufficient Privileges

CAPEC

References (1)

URL	Tag	Source
https://kc.mcafee.com/corporate/index?page=content&id=SB10316	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Mcafee Search vendor "Mcafee"		Virusscan Enterprise Search vendor "Mcafee" for product "Virusscan Enterprise"				>= 1.9.0 < 1.9.2 Search vendor "Mcafee" for product "Virusscan Enterprise" and version " >= 1.9.0 < 1.9.2"		linux		Affected
Mcafee Search vendor "Mcafee"		Virusscan Enterprise Search vendor "Mcafee" for product "Virusscan Enterprise"				>= 2.0.0 < 2.0.3 Search vendor "Mcafee" for product "Virusscan Enterprise" and version " >= 2.0.0 < 2.0.3"		linux		Affected