CVE-2020-7279

DLL Search Order Hijacking Vulnerability in the installer component of McAfee Host Intrusion Prevention System (Host IPS) for Windows prior to 8.0.0 Patch 15 Update allows attackers with local access to execute arbitrary code via execution from a compromised folder.

Published: Jun 10, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-7279
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-426

Affected Software
References

Software	From	Fixed in
mcafee / host_intrusion_prevention	8.0.0	8.0.0.x
mcafee / host_intrusion_prevention	8.0.0-p1	8.0.0-p1.x
mcafee / host_intrusion_prevention	8.0.0-p10	8.0.0-p10.x
mcafee / host_intrusion_prevention	8.0.0-p11	8.0.0-p11.x
mcafee / host_intrusion_prevention	8.0.0-p12	8.0.0-p12.x
mcafee / host_intrusion_prevention	8.0.0-p13	8.0.0-p13.x
mcafee / host_intrusion_prevention	8.0.0-p14	8.0.0-p14.x
mcafee / host_intrusion_prevention	8.0.0-p15	8.0.0-p15.x
mcafee / host_intrusion_prevention	8.0.0-p2	8.0.0-p2.x
mcafee / host_intrusion_prevention	8.0.0-p3	8.0.0-p3.x
mcafee / host_intrusion_prevention	8.0.0-p4	8.0.0-p4.x
mcafee / host_intrusion_prevention	8.0.0-p5	8.0.0-p5.x
mcafee / host_intrusion_prevention	8.0.0-p6	8.0.0-p6.x
mcafee / host_intrusion_prevention	8.0.0-p7	8.0.0-p7.x
mcafee / host_intrusion_prevention	8.0.0-p8	8.0.0-p8.x
mcafee / host_intrusion_prevention	8.0.0-p9	8.0.0-p9.x

https://kc.mcafee.com/corporate/index?page=content&id=SB10320

Vulnerability Database

289,784

CVE-2020-7279