November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – Ramnit Malware – Active IOCs
August 23, 2022Rewterz Threat Advisory – CVE-2022-35204 – Node.js vite module Vulnerability
August 23, 2022Rewterz Threat Alert – Ramnit Malware – Active IOCs
August 23, 2022Rewterz Threat Advisory – CVE-2022-35204 – Node.js vite module Vulnerability
August 23, 2022
Severity
Medium
Analysis Summary
CVE-2022-2330
McAfee Data Loss Prevention (DLP) Endpoint is vulnerable to an XML external entity injection (XXE) attack when processing XML data, caused by a weakly configured XML parser. By using specially-crafted XML content in the configuration file, a remote authenticated attacker could exploit this vulnerability to access a local service that the attacker wouldn’t usually have access.
Impact
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2022-22489
Affected Vendors
McAfee
Affected Products
- McAfee Data Loss Prevention (DLP) Endpoint for Windows 11.6
Remediation
Refer to Trellix Security Advisory for patch, upgrade or suggested workaround information.