Mcafee · Mcafee Drive Encryption · CVE-2021-31853
Name of the Vulnerable Software and Affected Versions:
McAfee Drive Encryption (MDE) versions prior to 7.3.0 HF2 (7.3.0.183)
Description:
The issue allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. This is due to a DLL Search Order Hijacking Vulnerability.
Recommendations:
For versions prior to 7.3.0 HF2 (7.3.0.183), update to version 7.3.0 HF2 (7.3.0.183) or later to resolve the issue. As a temporary workaround, consider restricting access to compromised folders to minimize the risk of exploitation.