CVE-2020-7337
Summary
| CVE | CVE-2020-7337 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-12-09 09:15:00 UTC |
| Updated | 2023-11-07 03:26:00 UTC |
| Description | Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks. |
Risk And Classification
Problem Types: CWE-732
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Mcafee | Virusscan Enterprise | All | All | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | - | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch1 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch10 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch11 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch12 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch13 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch14 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch15 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch2 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch3 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch4 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch5 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch6 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch7 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch8 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch9 | All | All |
| Application | Mcafee | Virusscan Enterprise | All | All | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | - | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch1 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch10 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch11 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch12 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch13 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch14 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch15 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch2 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch3 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch4 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch5 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch6 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch7 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch8 | All | All |
| Application | Mcafee | Virusscan Enterprise | 8.8 | patch9 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| McAfee Security Bulletin - VirusScan Enterprise update fixes one vulnerability (CVE-2020-7337) | CONFIRM | kc.mcafee.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.