Description
An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. An attacker with admin access, which is required to place the DLL in the restricted Windows System folder, can elevate their privileges to System by placing a malicious DLL there.
References (1)
Core References
Patch, Vendor Advisory
https://kcm.trellix.com/corporate/index?page=content&id=SB10391
Scores
CVSS v3: 6.7
EPSS: 0.0020
EPSS Percentile: 10.2%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-427
Status: published
Products (1): trellix/agent < 5.7.8
Published: Nov 30, 2022
Tracked Since: Feb 18, 2026