CVE-2021-23887

Privilege escalation in McAfee DLP Endpoint for Windows

CVSS 7.8 HIGHEPSS 0.2%CWE-269

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 7.8EPSS 0.2%KEV nãoPoC —Patch —

Ciclo de vida

15 abr 2021Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting them when they are monitored by McAfee DLP through the hdlphook driver.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Productos afectados

McAfee,LLC · McAfee Data Loss Prevention (DLP) Endpoint for Windows

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://kc.mcafee.com/corporate/index?page=content&id=SB10354 https://kc.mcafee.com/corporate/index?page=content&id=SB10357