CVE-2020-7259

Name of the Vulnerable Software and Affected Versions McAfee Endpoint Security versions prior to 10.7.0 February 2020 Update

Description The issue is related to the exploitation of a Privilege/Trust vulnerability in McAfee Endpoint Security, which allows local users to bypass local security protection. This can be achieved via a carefully crafted input file. The vulnerability is associated with insecure privilege management, enabling an attacker to circumvent existing security restrictions using a specially formed file.

Recommendations For versions prior to 10.7.0 February 2020 Update, update to the February 2020 Update or a later version to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation. Avoid using specially crafted input files that could be used to bypass security protection until the issue is resolved.