Lucene search
+L

304 matches found

cnnvd
cnnvd
added 2023/06/07 12:0 a.m.4 views

Trellix Agent 缓冲区错误漏洞

Trellix Agent is a client component of FireEye USA Trellix, Inc. provides secure communication between McAfee ePolicy Orchestrator McAfee ePO and hosted products. A security vulnerability exists in Trellix Agent macOS versions prior to 5.7.9, which stems from a vulnerability that allows a remote...

8.1CVSS7.7AI score0.00571EPSS
Exploits0References2
trellix
trellix
added 2023/05/21 12:0 a.m.4 views

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect - Part 2

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect - Part 2 By Maulik Maheta · May 21, 2023 This blog was also written by Chintan Shah Executive summary In the part 1 of this series we discussed in depth about the known Lateral movement attacks like abusing weak service...

7.9AI score
Exploits0
trellix
trellix
added 2023/05/21 12:0 a.m.25 views

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR - Part 2

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect - Part 2 By Maulik Maheta · May 21, 2023 This blog was also written by Chintan Shah Executive summary In the part 1 of this series we discussed in depth about the known Lateral movement attacks like abusing weak service...

7.9AI score
Exploits0
nessus
nessus
added 2023/05/04 12:0 a.m.24 views

Trellix Agent < 5.7.9 Heap-Based Overflow Vulnerability (SB10396)

The version of Trellix Agent, formerly McAfee Agent or McAfee Policy Orchestrator ePO Agent, installed on the remote host is prior to 5.7.9. It is, therefore, affected by a heap-based overflow vulnerability in TA 5.7.8 and earlier allows a remote user to alter the page heap in the macmnsvc proces...

6.7CVSS6.6AI score0.00638EPSS
Exploits0References2
trellix
trellix
added 2023/05/03 12:0 a.m.68 views

The Bug Report – April 2023 Edition

The Bug Report – April 2023 Edition By Trellix · May 03, 2023 This story was also written by John Rodriguez. It’s never easy coming back. Why am I here? Seems as if some of us should have stayed at our tropical vacation getaway. Nothing like coming back to the cyber world screeching about...

8.9AI score0.48973EPSS
Exploits16
nessus
nessus
added 2023/05/03 12:0 a.m.343 views

Trellix Agent < 5.7.9 Multiple Vulnerabilities (SB10396)

The version of Trellix Agent, formerly McAfee Agent or McAfee Policy Orchestrator ePO Agent, installed on the remote host is prior to 5.7.9. It is, therefore, affected by multiple vulnerabilities: - A vulnerability exists in TA for Windows 5.7.8 and earlier, which allows local users, during...

8.2CVSS6.9AI score0.00638EPSS
Exploits0References3
thn
thn
added 2023/04/13 4:40 p.m.33 views

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" RTM Locker that functions as a private ransomware-as-a-service RaaS provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses...

7.1AI score
Exploits0
cnnvd
cnnvd
added 2023/04/07 12:0 a.m.5 views

Trellix Agent 代码问题漏洞

Trellix Agent is a client component of FireEye USA Trellix, Inc. that provides secure communication between McAfee ePolicy Orchestrator McAfee ePO and hosted products. A security vulnerability exists in Trellix Agent that stems from a heap-based buffer overflow vulnerability...

7.8CVSS7.6AI score0.00646EPSS
Exploits0References2
nvd
nvd
added 2023/04/03 4:15 p.m.52 views

CVE-2023-0977

A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...

6.7CVSS6.6AI score0.00638EPSS
Exploits0References1
osv
osv
added 2023/04/03 4:15 p.m.4 views

CVE-2023-0977

A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...

6.5CVSS5.7AI score0.00638EPSS
Exploits0References1
nvd
nvd
added 2023/04/03 4:15 p.m.41 views

CVE-2023-0975

A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...

8.2CVSS8AI score0.00168EPSS
Exploits0References1
osv
osv
added 2023/04/03 4:15 p.m.4 views

CVE-2023-0975

A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...

7.8CVSS7.1AI score0.00168EPSS
Exploits0References1
prion
prion
added 2023/04/03 4:15 p.m.18 views

Heap overflow

A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...

4CVSS6.6AI score0.00638EPSS
Exploits0References1Affected Software1
prion
prion
added 2023/04/03 4:15 p.m.17 views

Design/Logic Flaw

A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...

4.4CVSS7.4AI score0.00168EPSS
Exploits0References1Affected Software1
cve
cve
added 2023/04/03 3:39 p.m.70 views

CVE-2023-0977

CVE-2023-0977 describes a heap-based overflow in Trellix Agent (Windows and Linux) up to version 5.7.8. The vulnerability lets a remote user alter the page heap in the macmnsvc process memory block, causing the Trellix Agent service to become unavailable. Affected software: Trellix Agent (formerl...

6.7CVSS6.5AI score0.00638EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/04/03 3:39 p.m.50 views

CVE-2023-0977

A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...

6.7CVSS6.8AI score0.00638EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/04/03 3:39 p.m.5 views

CVE-2023-0977

A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...

6.7CVSS6.6AI score0.00638EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/04/03 3:27 p.m.7 views

CVE-2023-0975

A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...

8.2CVSS8AI score0.00168EPSS
Exploits0References1
cve
cve
added 2023/04/03 3:27 p.m.90 views

CVE-2023-0975

Affected software: Trellix Agent for Windows, versions 5.7.8 and earlier. Vulnerability: during install/upgrade, local users can replace an Agent executable before it runs, enabling privilege escalation. Root cause: executable replacement during the workflow. Impact: elevation of privileges for l...

8.2CVSS7.4AI score0.00168EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/04/03 3:27 p.m.36 views

CVE-2023-0975

A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...

8.2CVSS8.2AI score0.00168EPSS
Exploits0References1
Rows per page
Query Builder