admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-08 03:26:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2020/CVE-2020-7250.md

19 lines
1.0 KiB
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2020-7250](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7250)
![](https://img.shields.io/static/v1?label=Product&message=McAfee%20Endpoint%20Security%20(ENS)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=10.x%3C%2010.7.0%20April%202020%20Update%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen)
### Description
Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory.
### POC
#### Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10309
Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00
- https://kc.mcafee.com/corporate/index?page=content&id=SB10309
Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
#### Github
- https://github.com/shubham0d/SymBlock
Reference in New Issue Copy Permalink