CVE-2020-7279— DLL search order hijacking in Host IPS

CVSS 4.6 · Medium EPSS 0.18% · P38 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-7279

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

DLL search order hijacking in Host IPS

Source: NVD (National Vulnerability Database)

Vulnerability Description

DLL Search Order Hijacking Vulnerability in the installer component of McAfee Host Intrusion Prevention System (Host IPS) for Windows prior to 8.0.0 Patch 15 Update allows attackers with local access to execute arbitrary code via execution from a compromised folder.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

不可信的搜索路径

Source: NVD (National Vulnerability Database)

Vulnerability Title

McAfee Host Intrusion Prevention System 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

McAfee Host Intrusion Prevention System（Host IPS）是美国迈克菲（McAfee）公司的一套主机入侵防御系统。基于Windows平台的McAfee Host IPS 8.0.0 Patch 15之前版本中存在安全漏洞。本地攻击者可利用该漏洞执行任意代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
McAfee, LLC	McAfee Host Intrusion Prevention System (Host IPS) for Windows	8.0.x ~ 8.0.0 Patch 15 update	-

II. Public POCs for CVE-2020-7279

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-7279

请登录查看更多情报信息。

https://kc.mcafee.com/corporate/index?page=content&id=SB10320x_refsource_CONFIRM
https://nvd.nist.gov/vuln/detail/CVE-2020-7279

Same Patch Batch · McAfee, LLC · 2020-06-10 · 6 CVEs total

CVE-2020-7280	7.8 HIGH	Symbolic Link vulnerability during DAT update
CVE-2019-3617	7.5 HIGH	Privilege escalation in ToPS for Mac
CVE-2019-3585	7.0 HIGH	VSE Escalation of Privileges through Alert pop-up window
CVE-2019-3588	6.3 MEDIUM	Using VSE to bypass Windows Credentials on Lock screen
CVE-2019-3613	5.9 MEDIUM	DLL search order hijacking in MA

IV. Related Vulnerabilities

Same vendor: McAfee, LLC

Same weakness: CWE-426

V. Comments for CVE-2020-7279

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-7279— DLL search order hijacking in Host IPS

I. Basic Information for CVE-2020-7279

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-7279

III. Intelligence Information for CVE-2020-7279

Same Patch Batch · McAfee, LLC · 2020-06-10 · 6 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-7279

Leave a comment