PT-2021-2460 · McAfee · McAfee Data Loss Prevention

Published 2021-03-23 · Updated 2023-02-11 · CVE-2020-7346

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

McAfee Data Loss Prevention (DLP) for Windows versions prior to 11.6.100

Description

A privilege escalation vulnerability allows a local, low-privileged attacker to load DLLs of their choice by using junctions and sending a specific IOCTL command at the correct time. Exploitation requires the attacker to create and remove junctions. The vulnerability is associated with insecure privilege management.

Recommendations

For versions prior to 11.6.100, update to version 11.6.100 or later to resolve the issue. As a temporary workaround, consider restricting the ability to create and remove junctions to minimize the risk of exploitation. Avoid using the IOCTL command in sensitive operations until the issue is resolved.

Fix

Weakness Enumeration

Improper Privilege Management
Link Following

Related Identifiers

BDU:2021-01826
CVE-2020-7346

Affected Products

McAfee Data Loss Prevention