CVE-2021-23892
CVE-2021-23892
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrary code through insecure use of predictable temporary file locations.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Productos afectados
McAfee,LLC · McAfee Endpoint Security (ENS) for Linux¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →