CVE-2020-7311 - OpenCVE

Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mcafee	Mcafee Agent

Configuration 1 [-]

cpe:2.3:a:mcafee:mcafee_agent:*:*:*:*:*:windows:*:*

No data.

References

Link	Providers
https://kc.mcafee.com/corporate/index?page=content&id=SB10325

History

Tue, 17 Sep 2024 01:45:00 +0000

Type	Values Removed	Values Added
Title	Privilege Escalation vulnerability in MA for Windows	Privilege Escalation vulnerability in MA for Windows

MITRE

Status: PUBLISHED

Assigner: trellix

Published: 2020-09-10T09:45:21.474269Z

Updated: 2024-09-17T01:31:44.215Z

Reserved: 2020-01-21T00:00:00

Link: CVE-2020-7311

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-09-10T10:15:10.967

Modified: 2023-11-07T03:25:58.670

Link: CVE-2020-7311

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "MA for Windows", "vendor": "McAfee LLC", "versions": [{"lessThan": "5.6.6", "status": "affected", "version": "5.6.x", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "McAfee credits Sebastian Schuster from Airbus CyberSecurity for responsibly reporting this flaw."}], "datePublic": "2020-09-09T00:00:00", "descriptions": [{"lang": "en", "value": "Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-10T09:45:21", "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "shortName": "trellix"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325"}], "source": {"discovery": "EXTERNAL"}, "title": "Privilege Escalation vulnerability in MA for Windows", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@mcafee.com", "DATE_PUBLIC": "2020-09-09T00:00:00.000Z", "ID": "CVE-2020-7311", "STATE": "PUBLIC", "TITLE": "Privilege Escalation vulnerability in MA for Windows"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "MA for Windows", "version": {"version_data": [{"version_affected": "<", "version_name": "5.6.x", "version_value": "5.6.6"}]}}]}, "vendor_name": "McAfee LLC"}]}}, "credit": [{"lang": "eng", "value": "McAfee credits Sebastian Schuster from Airbus CyberSecurity for responsibly reporting this flaw."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-269: Improper Privilege Management"}]}]}, "references": {"reference_data": [{"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:25:48.970Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325"}]}]}, "cveMetadata": {"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "assignerShortName": "trellix", "cveId": "CVE-2020-7311", "datePublished": "2020-09-10T09:45:21.474269Z", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2024-09-17T01:31:44.215Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:mcafee_agent:*:*:*:*:*:windows:*:*", "matchCriteriaId": "600905B9-91C4-4EF0-A99B-9D3E92600754", "versionEndExcluding": "5.6.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files."}, {"lang": "es", "value": "Una vulnerabilidad de escalamiento de privilegios en el instalador de McAfee Agent (MA) para Windows versiones anteriores a 5.6.6, permite a usuarios locales asumir derechos SYSTEM durante la instalaci\u00f3n de MA mediante la manipulaci\u00f3n de archivos de registro"}], "id": "CVE-2020-7311", "lastModified": "2023-11-07T03:25:58.670", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 6.0, "source": "trellixpsirt@trellix.com", "type": "Secondary"}]}, "published": "2020-09-10T10:15:10.967", "references": [{"source": "trellixpsirt@trellix.com", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325"}], "sourceIdentifier": "trellixpsirt@trellix.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "trellixpsirt@trellix.com", "type": "Secondary"}]}