CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-4326 – Trellix xAgent permission bypass vulnerability
https://notcve.org/view.php?id=CVE-2022-4326
16 Dec 2022 — Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality. La vulnerabilidad de preservación inadecuada de permisos en Trellix Endpoint Agent (xAgent) anterior a V35.31.22 en Windows permite a un usuario local con privilegios de administrador omitir la protección del prod... • https://docs.trellix.com/bundle/xagent_35-31-22_rn/page/UUID-73c848e7-6107-fe11-d83d-b17bd5b1449c.html • CWE-281: Improper Preservation of Permissions •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3859
https://notcve.org/view.php?id=CVE-2022-3859
30 Nov 2022 — An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there. Existe una vulnerabilidad de Ruta de Búsqueda No Controlada en Trellix Agent (TA) para Windows en versiones anteriores a la 5.7.8. Esto permite que un atacante con acceso de administrador, que debe colocar la D... • https://kcm.trellix.com/corporate/index?page=content&id=SB10391 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3340 – Trellix IPS Manager vulnerable to XXE
https://notcve.org/view.php?id=CVE-2022-3340
04 Nov 2022 — XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported. La vulnerabilidad de entidad externa XML (XXE) en Trellix IPS Manager anterior a 10.1 M8 permite que un administrador remoto autenticado realice un ataque XXE en la parte de la interfaz del administrador de la interfaz, lo que permite importar un archi... • https://kcm.trellix.com/corporate/index?page=content&id=SB10388 • CWE-611: Improper Restriction of XML External Entity Reference •