CVE-2020-7281

Name of the Vulnerable Software and Affected Versions McAfee Total Protection versions prior to 16.0.R26

Description The issue allows local users to delete files they would otherwise not have access to by manipulating symbolic links, redirecting a McAfee delete action to an unintended file. This can be achieved through running a malicious script or program on the target machine, exploiting a privilege escalation vulnerability related to insufficient access control.

Recommendations For versions prior to 16.0.R26, update to version 16.0.R26 or later to resolve the issue. As a temporary workaround, consider restricting access to symbolic links and avoiding the execution of unknown scripts or programs on the target machine.