Platform
broadcom
Component
mcafee-web-gateway
Fixed in
9.2.1
CVE-2020-7293 describes a privilege escalation vulnerability affecting McAfee Web Gateway versions 9.2.1 and earlier. This flaw allows authenticated users with limited permissions to maliciously alter the system's root password, potentially granting them complete control over the affected system. The vulnerability was published on September 15, 2020, and a fix is available in version 9.2.1.
The impact of CVE-2020-7293 is severe. Successful exploitation allows an attacker to gain root access to the McAfee Web Gateway appliance. This grants them the ability to modify system configurations, install malicious software, exfiltrate sensitive data, and potentially pivot to other systems on the network. The ability to change the root password effectively bypasses all security controls and represents a complete compromise of the appliance. This vulnerability is particularly concerning given the critical role Web Gateways play in protecting organizations from web-based threats.
CVE-2020-7293 is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, suggesting limited active exploitation. However, the vulnerability's criticality and ease of exploitation make it a high-priority target for attackers. The NVD entry was published on September 15, 2020.
Organizations heavily reliant on McAfee Web Gateway for web filtering and security are at significant risk. Specifically, deployments with overly permissive user roles within the Web Gateway interface are particularly vulnerable. Shared hosting environments utilizing McAfee Web Gateway may also be at risk if user accounts are not properly segregated.
• broadcom / server:
  journalctl -u mcafee-web-gateway | grep -i "root password"
• broadcom / server:
  ps aux | grep -i "root password change"
disclosure
Exploit Status
EPSS
0.10% (27th percentile)
CVSS Vector
The primary mitigation for CVE-2020-7293 is to immediately upgrade McAfee Web Gateway to version 9.2.1 or later. If upgrading is not immediately feasible, consider implementing strict access controls within the user interface to limit the privileges of authenticated users. Review user roles and permissions to ensure they adhere to the principle of least privilege. While a direct workaround is not available, restricting user interface access can reduce the attack surface. After upgrading, confirm the fix by attempting to modify the root password with a low-privileged user account; the attempt should be denied.
Update McAfee Web Gateway to version 9.2.1 or later. This update fixes the privilege escalation vulnerability that allows authenticated users with low permissions to change the root user's password. The update can be applied through the product's administration interface.
CVE-2020-7293 is a critical vulnerability in McAfee Web Gateway versions up to 9.2.1 that allows authenticated users with low permissions to change the system's root password.
If you are running McAfee Web Gateway version 9.2.1 or earlier, you are potentially affected by this vulnerability.
Upgrade McAfee Web Gateway to version 9.2.1 or later to remediate the vulnerability. Review user permissions in the meantime.
While no widespread exploitation has been publicly confirmed, the vulnerability's criticality makes it a potential target for attackers.
Refer to the McAfee Security Advisory: https://kc.mcafee.com/corporate/details/7293