1. Home
  2. CVE Database
  3. CVE-2020-7275
MEDIUM · 4.8

CVE-2020-7275

Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitr...

Vulnerability Description

Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file.

CVSS Score

4.8

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
McafeeEndpoint Security10.5.0

Related Weaknesses (CWE)

CWE-428

References

FAQ

What is CVE-2020-7275?

CVE-2020-7275 is a vulnerability with a CVSS score of 4.8 (MEDIUM). Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitr...

How severe is CVE-2020-7275?

CVE-2020-7275 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-7275?

Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Endpoint Security.