CVE-2020-7327 MEDIUM

CVE-2020-7327: McAfee MVEDR - Improperly implemented security check

Vendor Mcafee,Llc
Product McAfee MVISION Endpoint Detection and Response
Weakness CWE-290
Published October 15, 2020
Last update September 17, 2024

CVSS base score

6.0/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

Improperly implemented security check in McAfee MVISION Endpoint Detection and Response Client (MVEDR) prior to 3.2.0 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MVEDR failing open rather than closed

Key dates

02Disclosure timeline

October 15, 2020 CVE published
September 17, 2024 Record updated