{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T00:13:19.185","vulnerabilities":[{"cve":{"id":"CVE-2020-7250","sourceIdentifier":"trellixpsirt@trellix.com","published":"2020-04-15T13:15:13.080","lastModified":"2024-11-21T05:36:55.620","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory."},{"lang":"es","value":"Una vulnerabilidad de manipulación en enlaces simbólicos en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Update de Abril de 2020, permite a un usuario local autenticado conseguir una escalada de privilegios al señalar el enlace a archivos que el usuario normalmente no tiene permiso para modificar por medio de enlaces simbólicos cuidadosamente creados desde el directorio del archivo de registro de ENS."}],"metrics":{"cvssMetricV31":[{"source":"trellixpsirt@trellix.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"trellixpsirt@trellix.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*","matchCriteriaId":"6AC514CA-D094-433D-9561-99048D43902F"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*","matchCriteriaId":"1B7AE3E9-DDCE-4119-B57D-B3D471E05B16"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*","matchCriteriaId":"603FE358-FADA-4FE6-B3F2-169D032A57E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*","matchCriteriaId":"66461D42-AE21-41B3-9FCB-3F6D09AC323E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*","matchCriteriaId":"DCC441CF-5EA0-41C1-AE15-6672FF20B73A"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*","matchCriteriaId":"A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*","matchCriteriaId":"94732038-F35D-41AB-A550-E6F5FF9004DF"}]}]}],"references":[{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10309","source":"trellixpsirt@trellix.com"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10309","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}