CVE-2020-7314: Privilege Escalation vulnerability in McAfee DXL for Mac
First published: Wed Sep 09 2020(Updated: )
Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client for Mac shipped with McAfee Agent (MA) for Mac prior to MA 5.6.6 allows local users to run commands as root via incorrectly applied permissions on temporary files.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mcafee Mcafee Agent | <5.6.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this privilege escalation vulnerability in McAfee Data Exchange Layer (DXL) Client for Mac?
The vulnerability ID is CVE-2020-7314.
What is the title of this vulnerability?
The title of this vulnerability is 'Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client for Mac shipped with McAfee Agent (MA) for Mac prior to MA 5.6.6'.
What is the description of this vulnerability?
The description of this vulnerability is that it allows local users to run commands as root via incorrectly applied permissions on temporary files.
What version of McAfee Agent for Mac is affected by this vulnerability?
McAfee Agent (MA) for Mac prior to MA 5.6.6 is affected by this vulnerability.
How can I fix this privilege escalation vulnerability in McAfee Data Exchange Layer (DXL) Client for Mac?
To fix this vulnerability, update McAfee Agent (MA) for Mac to version 5.6.6 or later.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/title
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/mcafee
- canonical/mcafee mcafee agent