6 matches found
CVE-2023-0975
Affected software: Trellix Agent for Windows, versions 5.7.8 and earlier. Vulnerability: during install/upgrade, local users can replace an Agent executable before it runs, enabling privilege escalation. Root cause: executable replacement during the workflow. Impact: elevation of privileges for l...
CVE-2023-1388
The CVE describes a heap-based overflow in TA prior to version 5.7.9 that allows a remote attacker to alter the page heap within the macmnsvc process memory block, leading to the Trellix service becoming unavailable. Affected: Trellix Agent components (TA/macOS) using macmnsvc prior to 5.7.9. Imp...
CVE-2023-0977
CVE-2023-0977 describes a heap-based overflow in Trellix Agent (Windows and Linux) up to version 5.7.8. The vulnerability lets a remote user alter the page heap in the macmnsvc process memory block, causing the Trellix Agent service to become unavailable. Affected software: Trellix Agent (formerl...
CVE-2024-0213
CVE-2024-0213 concerns Trellix Agent (formerly McAfee ePO Agent) and the TA service on Linux and macOS, prior to version 5.8.1. A memory corruption-based buffer overflow in the TA service, which runs as root, allows a local attacker to gain elevated privileges or cause a DoS and may disable event...
CVE-2022-3859
Summary of CVE-2022-3859 : This is an uncontrolled search path vulnerability in Trellix Agent (TA) for Windows, affecting versions prior to 5.7.8. The root cause is a DLL search path issue that an attacker with admin rights can exploit by placing a malicious DLL in the restricted Windows System f...
CVE-2023-0976
CVE-2023-0976 describes a local command-injection in Trellix Agent (TA) for macOS prior to version 5.7.9. The flaw lets a local attacker place an arbitrary file into the /Library/Trellix/Agent/bin/ directory, with the file being executed via the TA deployment feature in the System Tree. The vulne...