Published: 15/04/2020 Updated: 07/11/2023

CVSS v2 Base Score: 3.3 | Impact Score: 4.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 6.3 | Impact Score: 5.2 | Exploitability Score: 1

VMScore: 294

Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P

Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows before 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mcafee endpoint security 10.5.0
mcafee endpoint security 10.5.1
mcafee endpoint security 10.5.2
mcafee endpoint security 10.5.3
mcafee endpoint security 10.5.4
mcafee endpoint security 10.5.5
mcafee endpoint security 10.6.0

POC for arbitary file deletion using Symlink(Symbolic links) issue present in many Antivirus software

Antivirus-Symlink-Exploit POC for arbitary file deletion using Symlink(Symbolic links) issue present in many Antivirus software Tested with following products Mcafee Endpoint Security (CVE-2020-7257) -> Unpatched(last update-June,2020) Kaspersky Malwarebyte

CWE-269 https://kc.mcafee.com/corporate/index?page=content&id=SB10309 https://nvd.nist.gov https://github.com/shubham0d/Antivirus-Symlink-Exploit

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-7257

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect