CVE-2020-7315 is a vulnerability in Mcafee Agent
Published on September 10, 2020
DLL Injection vulnerability in MA for Windows
DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL.
Vulnerability Analysis
CVE-2020-7315 can be exploited with local system access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity and availability.
Weakness Type
What is an Untrusted Path Vulnerability?
The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.
CVE-2020-7315 has been classified to as an Untrusted Path vulnerability or weakness.
Products Associated with CVE-2020-7315
Want to know whenever a new CVE is published for Mcafee Agent? stack.watch will email you.
Affected Versions
McAfee LLC MA for Windows:- Version 5.6.x and below 5.6.6 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.