VYPR

TA for MacOS

by Trellix

CVEs (2)

  • CVE-2024-0213HigJan 9, 2024
    risk 0.53cvss 8.2epss 0.00

    A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the…

  • CVE-2023-0976MedJun 7, 2023
    risk 0.41cvss 6.3epss 0.01

    A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree.