Design/Logic Flaw

2022-12-1616:15:00

PRIOn knowledge base

www.prio-n.com

trellix endpoint agent

permission preservation

vulnerability

removal protection

windows

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.

CPENameOperatorVersion
endpoint_securitylt35.31.22

CPE	Name	Operator	Version
	endpoint_security	lt	35.31.22

References

docs.trellix.com/bundle/xagent_35-31-22_rn/page/UUID-73c848e7-6107-fe11-d83d-b17bd5b1449c.html