Rewterz Threat Advisory – CVE-2022-2330 – McAfee Data Loss Prevention (DLP) Endpoint for Windows Vulnerability

Rewterz Threat Alert – Ramnit Malware – Active IOCs

August 23, 2022

Rewterz Threat Advisory – CVE-2022-35204 – Node.js vite module Vulnerability

August 23, 2022

Rewterz Threat Advisory – CVE-2022-2330 – McAfee Data Loss Prevention (DLP) Endpoint for Windows Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-2330

McAfee Data Loss Prevention (DLP) Endpoint is vulnerable to an XML external entity injection (XXE) attack when processing XML data, caused by a weakly configured XML parser. By using specially-crafted XML content in the configuration file, a remote authenticated attacker could exploit this vulnerability to access a local service that the attacker wouldn’t usually have access.

Impact

Unauthorized Access

Indicators Of Compromise

CVE

CVE-2022-22489

Affected Vendors

McAfee

Affected Products

McAfee Data Loss Prevention (DLP) Endpoint for Windows 11.6

Remediation

Refer to Trellix Security Advisory for patch, upgrade or suggested workaround information.

Trellix Security Advisory

Rewterz Threat Alert – Ramnit Malware – Active IOCs

Rewterz Threat Advisory – CVE-2022-35204 – Node.js vite module Vulnerability

Rewterz Threat Advisory – CVE-2022-2330 – McAfee Data Loss Prevention (DLP) Endpoint for Windows Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan