CVE-2020-7330

EUVD-2020-28457
Privilege Escalation vulnerability in McAfee Total Protection (MTP) trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via editing of environment variables
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
trellixCNA
7.5 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
mcafeetotal_protection
𝑥
< 4.0.176.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://service.mcafee.com/FAQDocument.aspx?&id=TS103082
http://service.mcafee.com/FAQDocument.aspx?&id=TS103082