Vulnerability Database

311,378

Total vulnerabilities in the database

CVE-2020-7335

Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by creating a junction link. This exploits a lack of protection through a timing issue and is only exploitable in a small time window.

Published: Dec 1, 2020
Updated: Nov 16, 2025
CVE: CVE-2020-7335
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-269

Affected Software
References

Software	From	Fixed in
mcafee / total_protection	-	16.0.29

http://service.mcafee.com/FAQDocument.aspx?&id=TS103089
https://www.zerodayinitiative.com/advisories/ZDI-20-1388/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo