"High-Severity DLP Flaw Impacts Trellix for Windows"

Trellix, the leading Data Loss Prevention (DLP) vendor, is urging customers to patch a high-severity vulnerability that allows local attackers to circumvent restrictions and exfiltrate sensitive data. The vulnerability, tracked as CVE-2023-0400, affects Windows versions of Trellix DLP (11.9.x) issued in August 2022. Customers should upgrade to Trellix for Windows 11.10.0, which mitigates the vulnerability. Security researchers warn that the flaw is not a straightforward upgrade, increasing the likelihood that security teams would overlook the fix. Trellix considers the flaw to be of "medium severity." However, the National Institute of Standards and Technology (NIST) gave it a high-severity rating. According to Trellix, the vulnerability can only be exploited during product installation. Trellix said that an adversary must be able to map a network drive to their local system in order to exploit this vulnerability. In addition, according to a description of the flaw by Trellix, the attacker would need permission to either access data already on the mapped drive or copy data to the mapped drive. This article continues to discuss the potential impact and exploitation of the DLP flaw that affects Trellix for Windows. 

SC Media reports "High-Severity DLP Flaw Impacts Trellix for Windows"