CVE-2021-31844
Local Privilege Escalation in McAfee DLP Endpoint for Windows
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.
Una vulnerabilidad de desbordamiento del búfer en McAfee Data Loss Prevention (DLP) Endpoint para Windows versiones anteriores a 11.6.200, permite a un atacante local ejecutar código arbitrario con privilegios elevados mediante la colocación de archivos Ami Pro (.sam) cuidadosamente construidos en el sistema local y desencadenando un análisis de DLP Endpoint mediante el acceso a un archivo. Esto es causado porque el búfer de destino es de tamaño fijo y se realizan comprobaciones incorrectas del tamaño de origen
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-04-27 CVE Reserved
- 2021-09-17 CVE Published
- 2023-11-16 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://kc.mcafee.com/corporate/index?page=content&id=SB10368 | Broken Link |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mcafee Search vendor "Mcafee" | Data Loss Prevention Endpoint Search vendor "Mcafee" for product "Data Loss Prevention Endpoint" | < 11.6.200 Search vendor "Mcafee" for product "Data Loss Prevention Endpoint" and version " < 11.6.200" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|