CVE-2020-7343

Name of the Vulnerable Software and Affected Versions: McAfee Agent (MA) for Windows versions prior to 5.7.1

Description: The issue allows local users to block product updates by manipulating a directory used for temporary files, resulting in the product continuing to function with out-of-date detection files. This can be achieved by exploiting a Missing Authorization vulnerability in the McAfee Agent.

Recommendations: For McAfee Agent (MA) for Windows versions prior to 5.7.1, update to version 5.7.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the directory used by MA for temporary files to prevent manipulation.