Lucene search
K
TrellixAgent

6 matches found

CVE
CVE
added 2023/04/03 3:27 p.m.84 views

CVE-2023-0975

Affected software: Trellix Agent for Windows, versions 5.7.8 and earlier. Vulnerability: during install/upgrade, local users can replace an Agent executable before it runs, enabling privilege escalation. Root cause: executable replacement during the workflow. Impact: elevation of privileges for l...

8.2CVSS7.4AI score0.00168EPSS
CVE
CVE
added 2023/06/07 7:32 a.m.74 views

CVE-2023-1388

The CVE describes a heap-based overflow in TA prior to version 5.7.9 that allows a remote attacker to alter the page heap within the macmnsvc process memory block, leading to the Trellix service becoming unavailable. Affected: Trellix Agent components (TA/macOS) using macmnsvc prior to 5.7.9. Imp...

8.1CVSS8.1AI score0.00571EPSS
CVE
CVE
added 2023/04/03 3:39 p.m.67 views

CVE-2023-0977

CVE-2023-0977 describes a heap-based overflow in Trellix Agent (Windows and Linux) up to version 5.7.8. The vulnerability lets a remote user alter the page heap in the macmnsvc process memory block, causing the Trellix Agent service to become unavailable. Affected software: Trellix Agent (formerl...

6.7CVSS6.5AI score0.00535EPSS
CVE
CVE
added 2024/01/09 1:1 p.m.63 views

CVE-2024-0213

CVE-2024-0213 concerns Trellix Agent (formerly McAfee ePO Agent) and the TA service on Linux and macOS, prior to version 5.8.1. A memory corruption-based buffer overflow in the TA service, which runs as root, allows a local attacker to gain elevated privileges or cause a DoS and may disable event...

8.2CVSS8AI score0.00173EPSS
CVE
CVE
added 2022/11/30 8:29 a.m.61 views

CVE-2022-3859

Summary of CVE-2022-3859 : This is an uncontrolled search path vulnerability in Trellix Agent (TA) for Windows, affecting versions prior to 5.7.8. The root cause is a DLL search path issue that an attacker with admin rights can exploit by placing a malicious DLL in the restricted Windows System f...

6.7CVSS6.4AI score0.00202EPSS
CVE
CVE
added 2023/06/07 7:35 a.m.39 views

CVE-2023-0976

CVE-2023-0976 describes a local command-injection in Trellix Agent (TA) for macOS prior to version 5.7.9. The flaw lets a local attacker place an arbitrary file into the /Library/Trellix/Agent/bin/ directory, with the file being executed via the TA deployment feature in the System Tree. The vulne...

7.8CVSS7.7AI score0.00646EPSS