VYPR
Medium severity5.5NVD Advisory· Published Oct 4, 2023· Updated Jun 17, 2026

CVE-2023-3665

CVE-2023-3665

Description

A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables, leading to denial of service and or the execution of arbitrary code.

Affected products

2
  • Trellix/ENS HXllm-fuzzy
    Range: <=10.7.0 April 2023 release
  • Trellix/Trellix Endpoint Securityv5
    Range: 10.7.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.