Unquoted service path vulnerability in McAfee File and Removable Media Protection (FRP) prior to 5.3.0 allows local users to execute…
trellix·CWE-428·Published 2020-10-07
Unquoted service path vulnerability in McAfee File and Removable Media Protection (FRP) prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. This issue may result in files not being encrypted when a policy is triggered.
Unquoted service path vulnerability in McAfee File and Removable Media Protection (FRP) prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. This issue may result in files not being encrypted when a policy is triggered.
Una vulnerabilidad de ruta de servicio sin comillas en McAfee File and Removable Media Protection (FRP) versiones anteriores a 5.3.0, permite a usuarios locales ejecutar código arbitrario, con mayores privilegios, mediante una ejecución y desde una carpeta comprometida. Este problema puede resultar en que archivos no sean cifrados cuando se activa una política
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 4.6 | 3.9 | 6.4 | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| 3.1 | Primary | NVD | 7.8 | 1.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 6.6 | — | — | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |
| 3.1 | Primary | cve.org | 6.6 | — | — | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |
| 3.1 | Secondary | NVD | 6.6 | 1.8 | 4.7 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |