Trellix DLP Vulnerability Allows Attackers To Delete Files


A privilege escalation vulnerability has been identified in the Trellix Windows DLP endpoint for Windows, which may be exploited to delete any file/folder for which the user does not have authorization.

Trellix DLP Endpoint protects against all potential leak channels, including portable storage devices, the cloud, email, instant messaging, web, printing, clipboard, screen capture, file-sharing applications, and more.

This ‘medium’ severity vulnerability is tracked as CVE-2023–4814 with a CVSS base score of 7.1. Trellix, a cybersecurity firm, recently addressed the issue of privilege escalation.

Impacted Version

Data Loss Prevention (DLP) for Windows 11.10.100.17

Document

Get a Demo

With DoControl, you can keep your SaaS applications and data safe and secure by creating workflows tailored to your needs. It’s an easy and efficient way to identify and manage risks. You can mitigate the risk and exposure of your organization’s SaaS applications in just a few simple steps.

Fix Released

Trellix DLP Vulnerability Allows Attackers To Delete Files

To Determine Whether the Product is Vulnerable

For Endpoint Security on Windows:

Use the following instructions for endpoint or client-based products:

  • Right-click the tray shield icon on the Windows taskbar.
  • Select Endpoint Security.
  • In the console, select Action Menu.
  • In the Action Menu, select About. The product version displays.

For endpoint products and ENS on other platforms:

  • Right-click the tray shield icon on the Windows taskbar.
  • Select Open Console.
  • In the console, select Action Menu.
  • In the Action Menu, select Product Details. The product version displays.

Hence, it is recommended to download the applicable product update/hotfix file. 

Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.





Source link