Rewterz Threat Advisory – Multiple Kubernetes Vulnerabilites

April 15, 2021

Rewterz Threat Advisory – ICS: Siemens Nucleus Products DNS Module

April 16, 2021

Rewterz Threat Advisory – McAfee (DLP) Endpoint for Windows Vulnerabilities

April 15, 2021

Severity

Medium

Analysis Summary

CVE-2021-23886

Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlphook driver reading invalid memory.

CVE-2021-23887

Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting them when they are monitored by McAfee DLP through the hdlphook driver.

Impact

Improper Handling of Exceptional Conditions
Privilege escalation

Affected Vendors

McAfee

Affected Products

(DLP) Endpoint for Windows Prior to HF 11.6.100.41

Remediation

To remediate this issue, customers should update to DLP Endpoint for Windows HF 11.6.100.41.

Product Downloads site,

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Python RAT Uses Discord Interface to Execute Remote Attacks

Critical Alert: Jordanian Banks Under Siege by Everest Ransomware Group

The SocGholish-RansomHub Connection – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple Kubernetes Vulnerabilites

Rewterz Threat Advisory – ICS: Siemens Nucleus Products DNS Module

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.