Vulnerability Details CVE-2020-7273
Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.6%
CVSS Severity
CVSS v3 Score 6.7
CVSS v2 Score 2.1
References
Products affected by CVE-2020-7273
-
cpe:2.3:a:mcafee:endpoint_security:10.5.0
-
cpe:2.3:a:mcafee:endpoint_security:10.5.1
-
cpe:2.3:a:mcafee:endpoint_security:10.5.2
-
cpe:2.3:a:mcafee:endpoint_security:10.5.3
-
cpe:2.3:a:mcafee:endpoint_security:10.5.4
-
cpe:2.3:a:mcafee:endpoint_security:10.5.5
-
cpe:2.3:a:mcafee:endpoint_security:10.6.0