CVE-2022-3859
MEDIUM
Trellix Agent <5.7.8 - Privilege Escalation
Title source: llm
Description
An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there.
Scores
CVSS v3
6.7
EPSS
0.0015
EPSS Percentile
35.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-427
Status
published
Affected Products (1)
trellix/agent
< 5.7.8
Timeline
Published
Nov 30, 2022
Tracked Since
Feb 18, 2026