CVE-2021-23879

Name of the Vulnerable Software and Affected Versions: McAfee Endpoint Product Removal (EPR) Tool versions prior to 21.2

Description: The issue allows local administrators to execute arbitrary code with higher-level privileges via execution from a compromised folder. The tool did not enforce and protect the execution path, requiring local admin privileges to place files in the required location.

Recommendations: For versions prior to 21.2, update to version 21.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the execution path to minimize the risk of exploitation.