CVE-2020-7282: Privilege Escalation vulnerability in McAfee Total Protection (MTP)
First published: Fri Jul 03 2020(Updated: )
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mcafee Total Protection | <16.0.r26 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this McAfee Total Protection vulnerability?
The vulnerability ID is CVE-2020-7282.
What is the severity of CVE-2020-7282?
The severity of CVE-2020-7282 is high.
How does CVE-2020-7282 impact McAfee Total Protection?
CVE-2020-7282 allows local users to delete files they wouldn't have access to by manipulating symbolic links in McAfee Total Protection.
Which version of McAfee Total Protection is affected by CVE-2020-7282?
McAfee Total Protection versions up to and including 16.0.R26 are affected by CVE-2020-7282.
Is there a fix or patch available for CVE-2020-7282?
Yes, a fix is available. Please refer to the official McAfee advisory for more details.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/title
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/mcafee
- canonical/mcafee total protection