CVE-2020-7260 (GCVE-0-2020-7260)

Vulnerability from cvelistv5 – Published: 2020-03-26 10:55 – Updated: 2024-09-17 02:51
VLAI?
Title
MACC installer DLL side loading
Summary
DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder.
Severity ?
7.3 (High)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
CWE
  • CWE-264 - Permissions, Privileges, and Access Controls
Assigner
References
Impacted products
Vendor Product Version
McAfee, LLC Mcafee Application and Change Control (MACC) Affected: 8.x , < 8.3 (custom)
Affected: 8.2.x , < 8.2.6 (custom)
Create a notification for this product.
Credits
McAfee credits Pierre-Alexandre Braeken twitter: @pabraeken for responsibly disclosing this vulnerability to McAfee.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:25:48.595Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10313"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Mcafee Application and Change Control (MACC)",
          "vendor": "McAfee, LLC",
          "versions": [
            {
              "lessThan": "8.3",
              "status": "affected",
              "version": "8.x",
              "versionType": "custom"
            },
            {
              "lessThan": "8.2.6",
              "status": "affected",
              "version": "8.2.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "McAfee credits Pierre-Alexandre Braeken twitter: @pabraeken for responsibly disclosing this vulnerability to McAfee."
        }
      ],
      "datePublic": "2020-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264 Permissions, Privileges, and Access Controls",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-26T10:55:13",
        "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "shortName": "trellix"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10313"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "MACC installer DLL side loading",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@mcafee.com",
          "DATE_PUBLIC": "2020-03-24T00:00:00.000Z",
          "ID": "CVE-2020-7260",
          "STATE": "PUBLIC",
          "TITLE": "MACC installer DLL side loading"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Mcafee Application and Change Control (MACC)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.x",
                            "version_value": "8.3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.2.x",
                            "version_value": "8.2.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "McAfee, LLC"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "McAfee credits Pierre-Alexandre Braeken twitter: @pabraeken for responsibly disclosing this vulnerability to McAfee."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-264 Permissions, Privileges, and Access Controls"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10313",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10313"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
    "assignerShortName": "trellix",
    "cveId": "CVE-2020-7260",
    "datePublished": "2020-03-26T10:55:14.038843Z",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-09-17T02:51:46.073Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mcafee:application_and_change_control:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.3.0\", \"matchCriteriaId\": \"4473D16D-FD56-4BE9-BDC9-2CF72FE7FEC3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de Carga Lateral de DLL en el instalador de McAfee Application and Change Control (MACC) versiones anteriores a 8.3, permite a usuarios locales ejecutar c\\u00f3digo arbitrario por medio de una ejecuci\\u00f3n desde una carpeta comprometida.\"}]",
      "id": "CVE-2020-7260",
      "lastModified": "2024-11-21T05:36:56.770",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"trellixpsirt@trellix.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.5}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.4, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2020-03-26T13:15:13.687",
      "references": "[{\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10313\", \"source\": \"trellixpsirt@trellix.com\"}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10313\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "trellixpsirt@trellix.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"trellixpsirt@trellix.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-426\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-7260\",\"sourceIdentifier\":\"trellixpsirt@trellix.com\",\"published\":\"2020-03-26T13:15:13.687\",\"lastModified\":\"2024-11-21T05:36:56.770\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de Carga Lateral de DLL en el instalador de McAfee Application and Change Control (MACC) versiones anteriores a 8.3, permite a usuarios locales ejecutar c\u00f3digo arbitrario por medio de una ejecuci\u00f3n desde una carpeta comprometida.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"trellixpsirt@trellix.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"trellixpsirt@trellix.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-426\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:application_and_change_control:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.3.0\",\"matchCriteriaId\":\"4473D16D-FD56-4BE9-BDC9-2CF72FE7FEC3\"}]}]}],\"references\":[{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10313\",\"source\":\"trellixpsirt@trellix.com\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10313\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.