Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Trellix agent
- Search Type: Search All
- CPE Name Search: false
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-0977 |
A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable. Published: April 03, 2023; 12:15:07 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-0975 |
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions. Published: April 03, 2023; 12:15:07 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-4326 |
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality. Published: December 16, 2022; 11:15:25 AM -0500 |
V3.1: 6.0 MEDIUM V2.0:(not available) |
CVE-2022-3859 |
An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there. Published: November 30, 2022; 4:15:08 AM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |