{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T18:23:09.321","vulnerabilities":[{"cve":{"id":"CVE-2020-7273","sourceIdentifier":"trellixpsirt@trellix.com","published":"2020-04-15T12:15:12.153","lastModified":"2024-11-21T05:36:58.037","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters."},{"lang":"es","value":"La funcionalidad de acceso no restringe apropiadamente por una vulnerabilidad de las ACL en la protección de inicio de ejecución automática en McAfee Endpoint Security (ENS) para Windows versiones anteriores a  10.7.0 Update de Abril de 2020, permite a usuarios locales eliminar o cambiar el nombre de los programas en la clave de ejecución automática por medio de la manipulación de algunos parámetros."}],"metrics":{"cvssMetricV31":[{"source":"trellixpsirt@trellix.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"trellixpsirt@trellix.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*","matchCriteriaId":"6AC514CA-D094-433D-9561-99048D43902F"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*","matchCriteriaId":"1B7AE3E9-DDCE-4119-B57D-B3D471E05B16"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*","matchCriteriaId":"603FE358-FADA-4FE6-B3F2-169D032A57E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*","matchCriteriaId":"66461D42-AE21-41B3-9FCB-3F6D09AC323E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*","matchCriteriaId":"DCC441CF-5EA0-41C1-AE15-6672FF20B73A"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*","matchCriteriaId":"A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*","matchCriteriaId":"94732038-F35D-41AB-A550-E6F5FF9004DF"}]}]}],"references":[{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10309","source":"trellixpsirt@trellix.com"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10309","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}