Missing Authorization Vulnerability in McAfee Agent (MA) for Windows Prior to 5.7.1 Allows Local Users to Block Product Updates

Missing Authorization Vulnerability in McAfee Agent (MA) for Windows Prior to 5.7.1 Allows Local Users to Block Product Updates

CVE-2020-7343 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.

Learn more about our User Device Pen Test.