CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-45456
https://notcve.org/view.php?id=CVE-2022-45456
26 Apr 2023 — Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 30161. • https://security-advisory.acronis.com/advisories/SEC-4149 • CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0977
https://notcve.org/view.php?id=CVE-2023-0977
03 Apr 2023 — A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable. • https://kcm.trellix.com/corporate/index?page=content&id=SB10396 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0975
https://notcve.org/view.php?id=CVE-2023-0975
03 Apr 2023 — A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions. • https://kcm.trellix.com/corporate/index?page=content&id=SB10396 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-45455
https://notcve.org/view.php?id=CVE-2022-45455
13 Feb 2023 — Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984. • https://security-advisory.acronis.com/advisories/SEC-4459 • CWE-459: Incomplete Cleanup •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-45454
https://notcve.org/view.php?id=CVE-2022-45454
13 Feb 2023 — Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30161, Acronis Cyber Protect 15 (Windows) before build 30984. • https://security-advisory.acronis.com/advisories/SEC-4379 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-276: Incorrect Default Permissions •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3859
https://notcve.org/view.php?id=CVE-2022-3859
30 Nov 2022 — An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there. Existe una vulnerabilidad de Ruta de Búsqueda No Controlada en Trellix Agent (TA) para Windows en versiones anteriores a la 5.7.8. Esto permite que un atacante con acceso de administrador, que debe colocar la D... • https://kcm.trellix.com/corporate/index?page=content&id=SB10391 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2313 – DLL high jacking in Trellix Agent
https://notcve.org/view.php?id=CVE-2022-2313
27 Jul 2022 — A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL into the folder from where the Smart installer is being executed. Una vulnerabilidad de secuestro de DLL en el instalador inteligente de MA para Windows versiones anteriores a 5.7.7, que permite a usuarios locales ejecutar código arbitrario y obtener privilegios superiores por medio de la colocación cuidad... • https://kcm.trellix.com/corporate/index?page=content&id=SB10385&actp=null&viewlocale=en_US&showDraft=false&platinum_status=false&locale=en_US • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-30990 – Sensitive information disclosure due to insecure folder permissions
https://notcve.org/view.php?id=CVE-2022-30990
18 May 2022 — Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux) before build 29240, Acronis Agent (Linux) before build 28037 Una divulgación de información confidencial debido a permisos de carpetas no seguras. Los siguientes productos están afectados: Acronis Cyber Protect 15 (Linux) versiones anteriores a compilación 29240, Acronis Agent (Linux) versiones anteriores a compilación 28037 • https://security-advisory.acronis.com/advisories/SEC-2299 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1257 – Improper Verification of Cryptographic Signature by McAfee Agent
https://notcve.org/view.php?id=CVE-2022-1257
14 Apr 2022 — Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files. Una vulnerabilidad de almacenamiento no seguro de información confidencial en MA para Linux, macOS y Windows versiones anteriores a 5.7.6 permite a un usuario local conseguir acceso a información confidencial mediante almacenamiento en ma.db. La inf... • https://kc.mcafee.com/corporate/index?page=content&id=SB10382 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1258 – SQL injection vulnerability in McAfee Agent's ePO extension
https://notcve.org/view.php?id=CVE-2022-1258
14 Apr 2022 — A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server. Una vulnerabilidad de inyección SQL ciega en la extensión ePolicy Orchestrator (ePO) de MA versiones anteriores a 5.7.6 puede ser explotada por un administrador autenticado en ePO para llevar a cabo consultas SQL arbitrarias en la base de... • https://kc.mcafee.com/corporate/index?page=content&id=SB10382 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •