{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T21:16:43.264","vulnerabilities":[{"cve":{"id":"CVE-2020-7346","sourceIdentifier":"trellixpsirt@trellix.com","published":"2021-03-23T16:15:13.940","lastModified":"2026-02-23T20:27:54.730","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time."},{"lang":"es","value":"Una vulnerabilidad de Escalada de Privilegios en McAfee Data Loss Prevention (DLP) para Windows versiones anteriores a 11.6.100, permite a un atacante local, poco privilegiado, usar uniones para causar que el producto cargue los archivos DLL de elección del atacante. Esto requiere la creación y eliminación de uniones por parte del atacante junto con el envío de un comando IOTL específico en el momento correcto"}],"metrics":{"cvssMetricV31":[{"source":"trellixpsirt@trellix.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"trellixpsirt@trellix.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:data_loss_prevention:*:*:*:*:*:windows:*:*","versionEndExcluding":"11.6.100","matchCriteriaId":"EC133AA6-A343-4A72-A84E-C7B1D489055E"}]}]}],"references":[{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10344","source":"trellixpsirt@trellix.com"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10344","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}