CVEs-PoC/2020/CVE-2020-7254.md

### [CVE-2020-7254](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7254)
![](https://img.shields.io/static/v1?label=Product&message=%20McAfee%20Advanced%20Threat%20Defense%20(ATD)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=4.x%3C%204.8.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-264%20Permissions%2C%20Privileges%2C%20and%20Access%20Controls&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%20Improper%20Privilege%20Management&color=brighgreen)

### Description

Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense (ATD) 4.x prior to 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command.

### POC

#### Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10311

#### Github
No PoCs found on GitHub currently.