Vulnerability Description
Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlphook driver reading invalid memory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mcafee | Data Loss Prevention Endpoint | < 11.6.100.41 |
Related Weaknesses (CWE)
References
- https://kc.mcafee.com/corporate/index?page=content&id=SB10354Broken Link
- https://kc.mcafee.com/corporate/index?page=content&id=SB10357Broken Link
- https://kc.mcafee.com/corporate/index?page=content&id=SB10354Broken Link
- https://kc.mcafee.com/corporate/index?page=content&id=SB10357Broken Link
FAQ
What is CVE-2021-23886?
CVE-2021-23886 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modif...
How severe is CVE-2021-23886?
CVE-2021-23886 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-23886?
Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Data Loss Prevention Endpoint.