304 matches found
Cyberattack on Democracy: Escalating Cyber Threats Immediately Ahead of Taiwan’s 2024 Presidential Election
Cyberattack on Democracy: Escalating Cyber Threats Immediately Ahead of Taiwan’s 2024 Presidential Election By Anne An · February 13, 2024 Preface Cybersecurity has become an integral part of election security. Nation-state actors and other politically motivated groups are likely to try to...
Trellix Central Management Cross-Site Scripting Vulnerability
Trellix Central Management is a centralized management system from Trellix, Inc. It consolidates the management, reporting and data sharing of Trellix products into one easy-to-deploy system. A cross-site scripting vulnerability exists in Trellix Central Management prior to version 9.1.3.97129,...
JAVA-based Sophisticated Stealer Using Discord Bot as EventListener
JAVA-Based Sophisticated Stealer Using Discord Bot as EventListener By Trellix · January 18, 2024 This blog was written by Gurumoorthi Ramanathan Executive Summary: In mid-November 2023, Trellix Advanced Research Center team members observed a Java-based stealer being spread through cracked...
Trellix Central Management Cross-Site Scripting Vulnerability
Trellix Central Management is a centralized management system from Trellix, Inc. It consolidates the management, reporting and data sharing of Trellix products into one easy-to-deploy system. A cross-site scripting vulnerability exists in Trellix Central Management version 9.1.1.956704, which ste...
Trellix Central Management Security Vulnerability
Trellix Central Management is a centralized management system from Trellix, Inc. It consolidates the management, reporting and data sharing of Trellix products into one easy-to-deploy system. A security vulnerability exists in Trellix Central Management version 9.1.1.956704 that stems from the...
Trellix Malware Analysis Cross-Site Scripting Vulnerability
Trellix Malware Analysis is a malware analysis software from Trellix, Inc. A cross-site scripting vulnerability exists in Trellix Malware Analysis version 9.0.3.936530, which stems from the presence of a cross-site scripting vulnerability. The vulnerability allows an attacker to send a specially...
Trellix Endpoint Security Security Vulnerabilities
Trellix Endpoint Security ENS is an endpoint security solution from FireEye USA Trellix. A security vulnerability exists in Trellix Endpoint Security version 5.2.0.958244, which stems from an improper cleanup vulnerability in thrown exceptions. The vulnerability could allow an attacker to send...
Trellix Agent < 5.8.1 Buffer Overflow Vulnerability (SB10416)
The version of Trellix Agent, formerly McAfee Agent or McAfee Policy Orchestrator ePO Agent, installed on the remote host is prior to 5.8.1. It is, therefore, affected by a buffer overflow vulnerability due to not handling files in the /var/McAfeee/.msgbus folder correctly. A local attacker can...
Trellix Endpoint Security Cross-Site Scripting Vulnerability
Trellix Endpoint Security ENS is an endpoint security solution from FireEye Trellix USA. A cross-site scripting vulnerability exists in Trellix Endpoint Security ENS Web Control prior to version 10.7.0 Update 15, which originates from a cross-site scripting vulnerability that allows a remote...
CVE-2024-0206
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...
CVE-2024-0206
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...
CVE-2024-0206
CVE-2024-0206 affects Trellix Anti-Malware Engine prior to the January 2024 release. The root cause is a symbolic link in the Trellix ENS registry folder that a privileged, authenticated local user can create, which the Engine then follows after a scan, potentially removing files the user should ...
CVE-2024-0206
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...
Trellix Agent Security Vulnerability
Trellix Agent is a client component of FireEye USA Trellix, Inc. It provides secure communication between McAfee ePolicy Orchestrator McAfee ePO and hosted products. A security vulnerability exists in Trellix Agent versions prior to 5.8.1, which stems from the presence of a buffer overflow...
Trellix Anti-Malware Engine Backlink Vulnerability
Trellix Anti-Malware Engine is a security program from FireEye Trellix, Inc. Trellix Anti-Malware Engine version 6700 suffers from a back-link vulnerability that stems from the presence of a symbolic link manipulation vulnerability that allows privilege escalation by authenticated local users...
The Anatomy of HTML Attachment Phishing
The Anatomy of HTML Attachment Phishing: One Code, Many Variants By Mathanraj Thangaraju, Niranjan Hegde, and Sijo Jacob · June 14, 2023 Introduction Phishing is the malevolent practise of pretending to be a reliable entity in electronic communication to steal sensitive data, such as login...
Scanning Danger: Unmasking the Threats of Quishing
Scanning Danger: Unmasking the Threats of Quishing By Shyava Tripathi and Rohan Shah · December 7, 2023 This blog was also written by Raghav Kapoor Phishing, a prevalent cybercrime worldwide, is responsible for as much as 90 percent of data breaches, making it a significant avenue for the theft o...
Trellix Enterprise Security Manager < 11.6.7 Command Injection
The version of Trellix Enterprise Security Manager running on the remote web server is prior to 11.6.7. It is, therefore, affected by multiple command injection vulnerabilities. - A vulnerability arises out of a failure to comprehensively sanitize the processing of a zip files. Incomplete...
Trellix Enterprise Security Manager < 11.6.9 Command Injection
The version of Trellix Enterprise Security Manager running on the remote web server is prior to 11.6.9. It is, therefore, affected by a command injection vulnerability. Due to improper neutralization of special elements, a remote attacker, authenticated as an administrator, can execute code as...
Trellix Application and Change Control Path Traversal Vulnerability
Trellix Application and Change Control Trellix ACC is an application and change control program from FireEye USA Trellix. A path traversal vulnerability exists in Trellix Application and Change Control TACC versions prior to 8.4.0, which stems from a path traversal vulnerability in the TACC ePO...