Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2020-7346
CVE-2020-7346:
McAfee DLP Endpoint Agent vulnerability analysis and mitigation
Overview
A Privilege Escalation vulnerability was identified in McAfee Data Loss Prevention (DLP) for Windows prior to version 11.6.100. This vulnerability, tracked as CVE-2020-7346, allows a local attacker with low privileges to exploit the system through the use of junctions to load malicious DLLs of their choosing (NVD, Debian Tracker).
Technical details
The vulnerability involves the manipulation of junctions combined with specific IOTL command timing. The attack requires the creation and removal of junctions by the attacker, followed by sending a precisely timed IOTL command. The vulnerability is classified under CWE-59 (NVD).
Impact
The successful exploitation of this vulnerability could allow an attacker with low privileges to escalate their privileges on the affected system, potentially gaining higher levels of access to the McAfee DLP installation (NVD).
Mitigation and workarounds
The vulnerability has been addressed in McAfee Data Loss Prevention (DLP) version 11.6.100 and later. Users are advised to upgrade to this version or newer to mitigate the vulnerability (NVD).
Additional resources
Source: This report was generated using AI
Related McAfee DLP Endpoint Agent vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management