Security Advisory

CVE-2022-3859

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-30 08:29:29

Last updated 2025-04-23 19:28:30

Assigner trellix

State PUBLISHED

Description

An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there.

← Browse all CVEs View on cve.org ↗