CVE-2020-7288— Privilege Escalation vulnerability in EDR for Mac
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-7288
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Privilege Escalation vulnerability in EDR for Mac
Source: NVD (National Vulnerability Database)
Vulnerability Description
Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Mac prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
不充分特权处理不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
McAfee Endpoint Detection and Response 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
McAfee Endpoint Detection and Response(EDR)是美国迈克菲(McAfee)公司的一套端点威胁检测和响应解决方案。该产品支持威胁事件监测、主机流量监测和自动威胁识别等功能。 McAfee EDR 3.1.0 Hotfix 1之前版本(Mac)中存在提权漏洞。攻击者可借助恶意脚本或程序利用该漏洞运行无权使用的功能。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| McAfee,LLC | McAfee Exploit Detection and Response (EDR) for Mac | 3.1.x ~ 3.1.0 Hotfix 1 | - |
II. Public POCs for CVE-2020-7288
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-7288
请登录查看更多情报信息。
- https://kc.mcafee.com/corporate/index?page=content&id=SB10317x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2020-7288
Same Patch Batch · McAfee,LLC · 2020-05-08 · 11 CVEs total
| CVE-2020-7264 | 8.8 HIGH | Privilege Escalation vulnerability through symbolic links in ENS for Windows |
| CVE-2020-7265 | 8.8 HIGH | Privilege Escalation vulnerability through symbolic links in ENSM |
| CVE-2020-7266 | 8.8 HIGH | Privilege Escalation vulnerability through symbolic links in VSE for Windows |
| CVE-2020-7267 | 8.8 HIGH | Privilege Escalation vulnerability through symbolic links in VSEL |
| CVE-2020-7286 | 7.8 HIGH | Privilege Escalation vulnerability in EDR for Windows |
| CVE-2020-7285 | 7.8 HIGH | Privilege Escalation vulnerability in MVISION Endpoint |
| CVE-2020-7289 | 7.8 HIGH | Privilege Escalation vulnerability in MAR for Windows |
| CVE-2020-7287 | 7.8 HIGH | Privilege Escalation vulnerability in EDR for Linux |
| CVE-2020-7291 | 7.8 HIGH | Privilege Escalation vulnerability MAR for Mac |
| CVE-2020-7290 | 7.8 HIGH | Privilege Escalation vulnerability in MAR for Linux |
IV. Related Vulnerabilities
Same vendor: McAfee,LLC
Same weakness: CWE-274
- CVE-2026-33005
Apache OpenMeetings: Insufficient checks in FileWebService - CVE-2023-20516
AMD Graphics Driver 安全漏洞 - CVE-2025-20177
Cisco IOS XR Software Image Verification Bypass Vulnerabilit - CVE-2025-20156
Cisco Meeting Management Client-Server Privilege Escalation - CVE-2024-12666
ClassCMS User Management Page admin insufficient privileges
V. Comments for CVE-2020-7288
No comments yet