CVE-2020-7279

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 10-06-2020 02:15

Last modified: - 02-06-2022 10:25

Total changes: - 2

Description

DLL Search Order Hijacking Vulnerability in the installer component of McAfee Host Intrusion Prevention System (Host IPS) for Windows prior to 8.0.0 Patch 15 Update allows attackers with local access to execute arbitrary code via execution from a compromised folder.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

None

Privileges required

Unchanged

Scope

Required

User interaction

7.8

Base score

1.8

5.9

Exploitability score

Impact score

Verification logic

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=- AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p1 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p10 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p11 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p12 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p13 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p14 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p15 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p2 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p3 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p4 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p5 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p6 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p7 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p8 AND target_software=windows

vendor=mcafee AND product=host_intrusion_prevention AND version=8.0.0 AND update=p9 AND target_software=windows

Reference

https://kc.mcafee.com/corporate/index?page=content&id=SB10320

Keywords

CVE-2020-7279

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2020-7279

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures