High severity8.2NVD Advisory· Published Apr 15, 2020· Updated Jun 17, 2026
CVE-2020-7250
CVE-2020-7250
Description
Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory.
Affected products
2- Range: <10.7.0 February 2020 Update
- McAfee LLC/McAfee Endpoint Security (ENS)v5Range: 10.x
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.