CVE-2020-7260 HIGH

CVE-2020-7260: MACC installer DLL side loading

Vendor Mcafee, Llc
Product Mcafee Application and Change Control (MACC)
Weakness CWE-264
Published March 26, 2020
Last update September 17, 2024

CVSS base score

7.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

What the vulnerability does

01Description

DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder.

Key dates

02Disclosure timeline

March 26, 2020 CVE published
September 17, 2024 Record updated