Lucene search
K

4 matches found

CVE
CVE
added 2023/06/07 7:32 a.m.75 views

CVE-2023-1388

The CVE describes a heap-based overflow in TA prior to version 5.7.9 that allows a remote attacker to alter the page heap within the macmnsvc process memory block, leading to the Trellix service becoming unavailable. Affected: Trellix Agent components (TA/macOS) using macmnsvc prior to 5.7.9. Imp...

8.1CVSS8.1AI score0.00571EPSS
CVE
CVE
added 2024/01/09 1:1 p.m.67 views

CVE-2024-0213

CVE-2024-0213 concerns Trellix Agent (formerly McAfee ePO Agent) and the TA service on Linux and macOS, prior to version 5.8.1. A memory corruption-based buffer overflow in the TA service, which runs as root, allows a local attacker to gain elevated privileges or cause a DoS and may disable event...

8.2CVSS8AI score0.00173EPSS
CVE
CVE
added 2022/11/30 8:29 a.m.63 views

CVE-2022-3859

Summary of CVE-2022-3859 : This is an uncontrolled search path vulnerability in Trellix Agent (TA) for Windows, affecting versions prior to 5.7.8. The root cause is a DLL search path issue that an attacker with admin rights can exploit by placing a malicious DLL in the restricted Windows System f...

6.7CVSS6.4AI score0.00202EPSS
CVE
CVE
added 2023/06/07 7:35 a.m.40 views

CVE-2023-0976

CVE-2023-0976 describes a local command-injection in Trellix Agent (TA) for macOS prior to version 5.7.9. The flaw lets a local attacker place an arbitrary file into the /Library/Trellix/Agent/bin/ directory, with the file being executed via the TA deployment feature in the System Tree. The vulne...

7.8CVSS7.7AI score0.00646EPSS