First published: Wed Apr 15 2020(Updated: )
Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file.
Credit: psirt@mcafee.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mcafee Endpoint Security | =10.5.0 | |
Mcafee Endpoint Security | =10.5.1 | |
Mcafee Endpoint Security | =10.5.2 | |
Mcafee Endpoint Security | =10.5.3 | |
Mcafee Endpoint Security | =10.5.4 | |
Mcafee Endpoint Security | =10.5.5 | |
Mcafee Endpoint Security | =10.6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-7275.
The title of this vulnerability is 'Accessing modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows'.
The severity of CVE-2020-7275 is medium with a severity value of 5.3.
McAfee Endpoint Security versions 10.5.0, 10.5.1, 10.5.2, 10.5.3, 10.5.4, 10.5.5, and 10.6.0 are affected by this vulnerability.
This vulnerability can be exploited by local users who can execute arbitrary code via a carefully crafted input file.