CVE-2020-7282 HIGH

CVE-2020-7282: Privilege Escalation vulnerability in McAfee Total Protection (MTP)

Vendor Mcafee,Llc
Product McAfee Total Protection (MTP)
Weakness CWE-59
Published July 3, 2020
Last update August 4, 2024

CVSS base score

7.5/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H

What the vulnerability does

01Description

Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.

Key dates

02Disclosure timeline

July 3, 2020 CVE published
August 4, 2024 Record updated