Description
Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.
References (1)
Core 1
Core References
Vendor Advisory
https://kcm.trellix.com/corporate/index?page=content&id=SB10383
Scores
CVSS v3
6.5
EPSS
0.0010
EPSS Percentile
28.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-732
Status
published
Products (1)
mcafee/data_exchange_layer
< 6.0.0.280
Published
Nov 07, 2022
Tracked Since
Feb 18, 2026