Link following in McAfee Endpoint Security (ENS) - CVE-2020-7250

 

Link following in McAfee Endpoint Security (ENS) - CVE-2020-7250

Published: April 15, 2020 / Updated: October 6, 2020


Vulnerability identifier: #VU47343
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-7250
CWE-ID: CWE-59
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: McAfee
Affected software:
McAfee Endpoint Security (ENS)

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a symlink following issue. A local user can gain elevated privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory.


How to mitigate CVE-2020-7250

Install updates from vendor's website.

Sources