A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions.
References
Link | Resource |
---|---|
https://kcm.trellix.com/corporate/index?page=content&id=SB10396 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 04:02
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions. |
10 Apr 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-281 | |
CPE | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:trellix:agent:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Microsoft windows
Trellix Trellix agent Microsoft |
|
References | (MISC) https://kcm.trellix.com/corporate/index?page=content&id=SB10396 - Vendor Advisory |
03 Apr 2023, 17:24
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-03 16:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-0975
Mitre link : CVE-2023-0975
CVE.ORG link : CVE-2023-0975
JSON object : View
Products Affected
microsoft
- windows
trellix
- agent
CWE
CWE-281
Improper Preservation of Permissions