Unrated severityNVD Advisory· Published Nov 30, 2022· Updated Apr 23, 2025
CVE-2022-3859
CVE-2022-3859
Description
An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there.
Affected products
2<5.7.8+ 1 more
- (no CPE)range: <5.7.8
- (no CPE)range: 5.x
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.