43 matches found
CVE-2025-14963
CVE-2025-14963 involves the Trellix HX Agent driver file fekern.sys. The vulnerability enables a local user to obtain elevated privileges by leveraging a Bring Your Own Vulnerable Driver (BYOVD) to access the lsass.exe memory. The description notes that the vulnerable driver installed in a system...
EUVD-2022-43199
Malicious code in bioql PyPI...
EUVD-2023-12962
Malicious code in bioql PyPI...
EUVD-2023-12960
Malicious code in bioql PyPI...
NewStart CGSL MAIN 7.02 : libtiff Multiple Vulnerabilities (NS-SA-2025-0128)
The remote NewStart CGSL host, running version MAIN 7.02, has libtiff packages installed that are affected by multiple vulnerabilities: - A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the...
McAfee Agent 5.7.6 Insecure Storage
This script demonstrates the vulnerability in McAfee's Trellix Agent Database where attackers can retrieve and decrypt credentials from the ma.db database file. Version 5.7.6 is affected. Exploit Title: McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information Date: 24 June 2025 Exploit...
CVE-2023-0977
A heap-based overflow vulnerability in Trellix Agent for Windows and Linux version 5.7.8 and earlier allows a remote user to alter the page heap in the macmnsvc process memory block, resulting in the service becoming unavailable...
CVE-2023-0975
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...
CVE-2022-3859
An uncontrolled search path vulnerability exists in Trellix Agent TA for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL ther...
Trellix Agent < 5.8.1 Buffer Overflow Vulnerability (SB10416)
The version of Trellix Agent, formerly McAfee Agent or McAfee Policy Orchestrator ePO Agent, installed on the remote host is prior to 5.8.1. It is, therefore, affected by a buffer overflow vulnerability due to not handling files in the /var/McAfeee/.msgbus folder correctly. A local attacker can...
Trellix Agent Security Vulnerability
Trellix Agent is a client component of FireEye USA Trellix, Inc. It provides secure communication between McAfee ePolicy Orchestrator (McAfee ePO) and hosted products. A security vulnerability exists in Trellix Agent versions prior to 5.8.1, which stems from the presence of a buffer overflow...
CVE-2023-0976
A command injection vulnerability in TA for macOS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree...
Trellix Agent Buffer Error Vulnerability
Trellix Agent is a client component of FireEye USA Trellix, Inc. It provides secure communication between McAfee ePolicy Orchestrator (McAfee ePO) and hosted products. A security vulnerability exists in Trellix Agent macOS versions prior to 5.7.9, which stems from a vulnerability that allows a remote...
PT-2023-16658 · Trellix · Ta
Name of the Vulnerable Software and Affected Versions: TA for macOS versions prior to 5.7.9. Description: A command injection issue allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature locate...
Trellix Agent < 5.7.9 Heap-Based Overflow Vulnerability (SB10396)
The version of Trellix Agent, formerly McAfee Agent or McAfee Policy Orchestrator ePO Agent, installed on the remote host is prior to 5.7.9. It is, therefore, affected by a heap-based overflow vulnerability in TA 5.7.8 and earlier that allows a remote user to alter the page heap in the macmnsvc proces...
Trellix Agent < 5.7.9 Multiple Vulnerabilities (SB10396)
The version of Trellix Agent, formerly McAfee Agent or McAfee Policy Orchestrator ePO Agent, installed on the remote host is prior to 5.7.9. It is, therefore, affected by multiple vulnerabilities: - A vulnerability exists in TA for Windows 5.7.8 and earlier, which allows local users, during...
Trellix Agent Code Issue Vulnerability
Trellix Agent is a client component of FireEye USA Trellix, Inc. that provides secure communication between McAfee ePolicy Orchestrator (McAfee ePO) and hosted products. A security vulnerability exists in Trellix Agent that stems from a heap-based buffer overflow vulnerability...
CVE-2023-0977
A heap-based overflow vulnerability in Trellix Agent for Windows and Linux version 5.7.8 and earlier allows a remote user to alter the page heap in the macmnsvc process memory block, resulting in the service becoming unavailable...
CVE-2023-0975
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...
CVE-2023-0975
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...