304 matches found
NewStart CGSL MAIN 7.02 : libtiff Multiple Vulnerabilities (NS-SA-2025-0128)
The remote NewStart CGSL host, running version MAIN 7.02, has libtiff packages installed that are affected by multiple vulnerabilities: - A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the...
Dark Web Roast - June 2025 Edition
Dark Web Roast - June 2025 Edition By Trellix Advanced Research Center · July 21, 2025 Executive Summary Welcome to the very first Dark Web Roast! Each month, we're going to take a peek into the shadowy world of cybercrime and playfully "roast" some of its characters, all with a little help from...
Trellix Endpoint Security 代码注入漏洞
Trellix Endpoint Security ENS is an endpoint security solution from FireEye Trellix USA. A code injection vulnerability exists in the Trellix Endpoint Security HX Agent that originates from a privileged user being able to create a malicious OpenSSL configuration file that could lead to the loadin...
Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect
Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect By Maulik Maheta and Adithya Chandra · July 17, 2025 Executive summary This blog marks the third installment in our series on detecting and visualizing lateral movement attacks with Trellix Helix Connect. A lateral...
Detecting and Visualizing Lateral Movement Attacks with Trellix XDR
Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect By Maulik Maheta and Adithya Chandra · July 17, 2025 Executive summary This blog marks the third installment in our series on detecting and visualizing lateral movement attacks with Trellix Helix Connect. A lateral...
Trellix Endpoint Security HX 跨站脚本漏洞
Trellix Endpoint Security HX is an endpoint detection and response software from Trellix, USA. A cross-site scripting vulnerability exists in Trellix Endpoint Security HX version 10.0.4, which stems from susceptibility to a stored cross-site scripting attack that could lead to sensitive data...
📄 McAfee Agent 5.7.6 Insecure Storage
This script demonstrates the vulnerability in McAfee's Trellix Agent Database where attackers can retrieve and decrypt credentials from the ma.db database file. Version 5.7.6 is affected. Exploit Title: McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information Date: 24 June 2025 Exploit...
Trellix System Information Reporter 路径遍历漏洞
Trellix System Information Reporter is a system information cell phone tool from Trellix, Inc. A path traversal vulnerability exists in Trellix System Information Reporter 1.0.3 and earlier versions, which stems from a path traversal issue that could result in the creation or overwriting of...
Trellix System Information Reporter 安全漏洞
Trellix System Information Reporter is a system information cell phone tool from Trellix USA. A security vulnerability exists in Trellix System Information Reporter 1.0.3 and earlier versions, which stems from a path or symbolic link manipulation issue that could lead to a system file overwrite...
CVE-2024-5956
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly...
CVE-2024-5955
Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orchestrator...
CVE-2023-6072
A cross-site scripting vulnerability in Trellix Central Management CM prior to 9.1.3.97129 allows a remote authenticated attacker to craft CM dashboard internal requests causing arbitrary content to be injected into the response when accessing the CM dashboard...
CVE-2023-6119
An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. This is caused by GetSusp not correctly protecting a directory that it creates during execution...
CVE-2023-4814
A Privilege escalation vulnerability exists in Trellix Windows DLP endpoint for windows which can be abused to delete any file/folder for which the user does not have permission to...
CVE-2023-0978
A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to...
CVE-2023-0977
A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...
CVE-2023-0975
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...
CVE-2022-3859
An uncontrolled search path vulnerability exists in Trellix Agent TA for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL ther...
CVE-2022-3340
XML External Entity XXE vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported...
CVE-2022-4326
Improper preservation of permissions vulnerability in Trellix Endpoint Agent xAgent prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality...