Improper Handling of Insufficient Privileges

CVE-2020-7283

High

7.5/10

Summary

Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine.

Attack Complexity: HIGH
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-274 - Improper Handling of Insufficient Privileges

The software does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses.

References

Advisory Timeline

Published Jul 03, 2020

Improper Handling of Insufficient Privileges

CVE-2020-7283

Summary

CWE-274 - Improper Handling of Insufficient Privileges

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS