What is the severity of CVE-2021-23887?

The severity of CVE-2021-23887 is high with a CVSS score of 7.8.

What is the affected software for CVE-2021-23887?

The affected software for CVE-2021-23887 is McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to version 11.6.100.41.

How does the vulnerability in CVE-2021-23887 work?

The vulnerability in CVE-2021-23887 allows a local, low privileged attacker to write to arbitrary controlled kernel addresses by launching applications, suspending them, modifying the memory, and restarting.

Is there a fix available for CVE-2021-23887?

Yes, a fix for CVE-2021-23887 is available in McAfee Data Loss Prevention (DLP) Endpoint version 11.6.100.41 and above.

Where can I find more information about CVE-2021-23887?

More information about CVE-2021-23887 can be found on the official McAfee website at the following links: [McAfee Security Bulletin SB10354](https://kc.mcafee.com/corporate/index?page=content&id=SB10354) and [McAfee Security Bulletin SB10357](https://kc.mcafee.com/corporate/index?page=content&id=SB10357).

Vulnerability/
CVE-2021-23887

high

7.8

CWE

269

15/4/2021

3/8/2024

CVE-2021-23887: Privilege escalation in McAfee DLP Endpoint for Windows

First published: Thu Apr 15 2021(Updated: )

Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting them when they are monitored by McAfee DLP through the hdlphook driver.

Credit: trellixpsirt@trellix.com psirt@mcafee.com

Affected Software	Affected Version	How to fix
Mcafee Data Loss Prevention Endpoint	<11.6.100.41

Remedy

https://kc.mcafee.com/corporate/index?page=content&id=SB10357

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2021-23887?
The severity of CVE-2021-23887 is high with a CVSS score of 7.8.
What is the affected software for CVE-2021-23887?
The affected software for CVE-2021-23887 is McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to version 11.6.100.41.
How does the vulnerability in CVE-2021-23887 work?
The vulnerability in CVE-2021-23887 allows a local, low privileged attacker to write to arbitrary controlled kernel addresses by launching applications, suspending them, modifying the memory, and restarting.
Is there a fix available for CVE-2021-23887?
Yes, a fix for CVE-2021-23887 is available in McAfee Data Loss Prevention (DLP) Endpoint version 11.6.100.41 and above.
Where can I find more information about CVE-2021-23887?
More information about CVE-2021-23887 can be found on the official McAfee website at the following links: [McAfee Security Bulletin SB10354](https://kc.mcafee.com/corporate/index?page=content&id=SB10354) and [McAfee Security Bulletin SB10357](https://kc.mcafee.com/corporate/index?page=content&id=SB10357).

collector/nvd-index
collector/nvd-api
agent/type
agent/author
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/title
agent/remedy
agent/last-modified-date
agent/weakness
agent/softwarecombine
agent/tags
agent/first-publish-date
agent/event
agent/description
vendor/mcafee
canonical/mcafee data loss prevention endpoint

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.