CVEs-PoC/2021/CVE-2021-23892.md
2024-06-18 02:51:15 +02:00

### [CVE-2021-23892](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23892)
![](https://img.shields.io/static/v1?label=Product&message=McAfee%20Endpoint%20Security%20(ENS)%20for%20Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20unspecified%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen)
### Description
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrary code through insecure use of predictable temporary file locations.
### POC
#### Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10355
#### Github
No PoCs found on GitHub currently.