CVE-2021-23887
Privilege escalation in McAfee DLP Endpoint for Windows
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting them when they are monitored by McAfee DLP through the hdlphook driver.
Una vulnerabilidad de Escalada de Privilegios en McAfee Data Loss Prevention (DLP) Endpoint para Windows anterior a versiĆ³n 11.6.100, permite a un atacante local, poco privilegiado, escribir direcciones de kernel controladas arbitrariamente. Esto es logrado al iniciar aplicaciones, suspenderlas, modificar la memoria y reiniciarlas cuando son monitoreadas por McAfee DLP por medio del controlador hdlphook
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-01-12 CVE Reserved
- 2021-04-15 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-269: Improper Privilege Management
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10354 | Broken Link | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10357 | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mcafee Search vendor "Mcafee" | Data Loss Prevention Endpoint Search vendor "Mcafee" for product "Data Loss Prevention Endpoint" | < 11.6.100.41 Search vendor "Mcafee" for product "Data Loss Prevention Endpoint" and version " < 11.6.100.41" | windows |
Affected
| ||||||