Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-23887

Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting them when they are monitored by McAfee DLP through the hdlphook driver.

Published

2021-04-15T08:15:14.713

Last Modified

2024-11-21T05:52:00.433

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Secondary
CWE-269
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mcafee	data_loss_prevention_endpoint	< 11.6.100.41	Yes

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10354 Broken Link ([email protected])
https://kc.mcafee.com/corporate/index?page=content&id=SB10357 Broken Link ([email protected])
https://kc.mcafee.com/corporate/index?page=content&id=SB10354 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://kc.mcafee.com/corporate/index?page=content&id=SB10357 Broken Link (af854a3a-2127-422b-91ae-364da2661108)