CVE-2023-0976

MEDIUM

Trellix Agent < 5.7.9 - Uncontrolled Search Path

Title source: rule

Description

A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree.

References (1)

[Vendor Advisory] https://kcm.trellix.com/corporate/index?page=content&id=SB10398

Scores

CVSS v3 6.3

EPSS 0.0020

EPSS Percentile 42.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Classification

CWE

CWE-427

Status published

Affected Products (1)

trellix/agent < 5.7.9

Timeline

Published Jun 07, 2023

Tracked Since Feb 18, 2026