Security Advisory

CVE-2021-23892

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-05-12 09:05:13

Last updated 2024-08-03 19:14:09

Assigner trellix

State PUBLISHED

Description

By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrary code through insecure use of predictable temporary file locations.

← Browse all CVEs View on cve.org ↗