3 matches found
CVE-2023-3665
CVE-2023-3665 concerns a code injection flaw in Trellix Endpoint Security (ENS) up to version 10.7.0. The root cause is that a local attacker can set environment variables to disable the AMSI component, resulting in denial of service and potential arbitrary code execution. The materials confirm a...
CVE-2025-14963
CVE-2025-14963 involves the Trellix HX Agent driver file fekern.sys. The vulnerability enables a local user to obtain elevated privileges by leveraging a Bring Your Own Vulnerable Driver (BYOVD) to access the lsass.exe memory. The description notes that the vulnerable driver installed in a system...
CVE-2022-4326
The CVE-2022-4326 issue affects Trellix Endpoint Agent (xAgent) on Windows prior to V35.31.22. A faulty removal-protection permissions scheme allows a local administrator to bypass protections and uninstall the agent. Affected component is the removal-protection mechanism within xAgent; root caus...