PT-2019-3087 · McAfee · McAfee Data Loss Prevention Endpoint
Published: 2019-07-23 · Updated: 2020-10-16 · CVE-2019-3595
CVSS v2.0: 6.8 (Medium)
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
McAfee Data Loss Prevention Endpoint versions prior to 11.3.0
Description
The issue is related to insufficient argument validation in a command, which can be exploited to execute arbitrary code. This can be achieved through a specially crafted DLP policy that is exported and opened on the local machine, allowing an authenticated administrator to execute code with their local machine privileges. The user must explicitly allow the code to execute.
Recommendations
For versions prior to 11.3.0, update to version 11.3.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of DLP policies to minimize the risk of exploitation. Avoid opening specially crafted DLP policies on local machines until the issue is resolved.
Fix
Command Injection
OS Command Injection
Related identifiers
Affected products
McAfee Data Loss Prevention Endpoint