CVE-2020-7254

Privilege escalation in Advanced Threat Defense

CVSS 7.7 HIGHEPSS 0.3%CWE-264 CWE-269

Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense (ATD) 4.x prior to 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command.

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H

Affected products

McAfee, LLC · McAfee Advanced Threat Defense (ATD)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10311