Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2020-7280

Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent.

  • Published: Jun 10, 2020
  • Updated: Apr 14, 2023
  • CVE: CVE-2020-7280
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: Low
  • Score: 4.6
  • AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
mcafee / virusscan_enterprise 8.8-patch1 8.8-patch1.x
mcafee / virusscan_enterprise 8.8-patch2 8.8-patch2.x
mcafee / virusscan_enterprise 8.8-patch3 8.8-patch3.x
mcafee / virusscan_enterprise 8.8-patch4 8.8-patch4.x
mcafee / virusscan_enterprise 8.8-patch5 8.8-patch5.x
mcafee / virusscan_enterprise 8.8-patch6 8.8-patch6.x
mcafee / virusscan_enterprise 8.8-patch7 8.8-patch7.x
mcafee / virusscan_enterprise 8.8-patch8 8.8-patch8.x
mcafee / virusscan_enterprise 8.8-patch9 8.8-patch9.x
mcafee / virusscan_enterprise 8.8-patch10 8.8-patch10.x
mcafee / virusscan_enterprise 8.8-patch11 8.8-patch11.x
mcafee / virusscan_enterprise 8.8-patch12 8.8-patch12.x
mcafee / virusscan_enterprise 8.8-patch13 8.8-patch13.x
mcafee / virusscan_enterprise 8.8 8.8.x
mcafee / virusscan_enterprise 8.8-patch14 8.8-patch14.x