VYPR
Vendor

Trellix

Products
36
CVEs
49
Across products
55
Status
Private

Products

36
View all 36 products →

Recent CVEs

49
View all 49 CVEs →
  • CVE-2024-5671CriJun 14, 2024
    risk 0.64cvss 9.8epss 0.01

    Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and access to the vulnerable Trellix IPS Manager.

  • CVE-2023-6071HigNov 30, 2023
    risk 0.55cvss 8.4epss 0.01

    An Improper Neutralization of Special Elements used in a command vulnerability in ESM prior to version 11.6.9 allows a remote administrator to execute arbitrary code as root on the ESM. This is possible as the input isn't correctly sanitized when adding a new data source.

  • CVE-2023-5607HigNov 27, 2023
    risk 0.55cvss 8.4epss 0.01

    An improper limitation of a path name to a restricted directory (path traversal) vulnerability in the TACC ePO extension, for on-premises ePO servers, prior to version 8.4.0 could lead to an authorised administrator attacker executing arbitrary code through uploading a…

  • CVE-2024-0213HigJan 9, 2024
    risk 0.53cvss 8.2epss 0.00

    A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the…

  • CVE-2023-3314HigJul 3, 2023
    risk 0.53cvss 8.1epss 0.01

    A vulnerability arises out of a failure to comprehensively sanitize the processing of a zip file(s). Incomplete neutralization of external commands used to control the process execution of the .zip application allows an authorized user to obtain control of the .zip application…

  • CVE-2023-0975HigApr 3, 2023
    risk 0.53cvss 8.2epss 0.00

    A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions.

  • CVE-2022-2313HigJul 27, 2022
    risk 0.53cvss 8.2epss 0.00

    A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL into the folder from where the Smart installer is being executed.

  • CVE-2023-5444HigNov 17, 2023
    risk 0.52cvss 8.0epss 0.00

    A Cross Site Request Forgery vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2 allows a remote low privilege user to successfully add a new user with administrator privileges to the ePO server. This impacts the dashboard area of the user interface. To exploit…

  • CVE-2023-3313HigJul 3, 2023
    risk 0.51cvss 7.8epss 0.00

    An OS common injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed an unauthorized user to execute system command injection for the purpose of privilege escalation or to execute arbitrary commands.

  • CVE-2024-4844HigMay 16, 2024
    risk 0.49cvss 7.5epss 0.00

    Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database…

  • CVE-2025-3771HigJun 26, 2025
    risk 0.46cvss 7.1epss 0.00

    A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authenticated non-admin local user to overwrite system files with SIR backup files, which can potentially cause a system crash. This was achieved by adding a malicious entry to the…

  • CVE-2024-0206HigJan 9, 2024
    risk 0.46cvss 7.1epss 0.00

    A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry…

  • CVE-2023-4814HigSep 14, 2023
    risk 0.46cvss 7.1epss 0.00

    A Privilege escalation vulnerability exists in Trellix Windows DLP endpoint for windows which can be abused to delete any file/folder for which the user does not have permission to.

  • CVE-2024-5731MedJun 14, 2024
    risk 0.44cvss 6.8epss 0.00

    A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow allows an attacker to control the destination of a request by manipulating the parameter, thereby leveraging sensitive information.

  • CVE-2023-0977MedApr 3, 2023
    risk 0.44cvss 6.7epss 0.01

    A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable.

  • CVE-2022-3859MedNov 30, 2022
    risk 0.44cvss 6.7epss 0.00

    An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing…

  • CVE-2023-0214MedJan 18, 2023
    risk 0.43cvss 6.1epss 0.02

    A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing…

  • CVE-2024-5956MedSep 5, 2024
    risk 0.42cvss 6.5epss 0.00

    This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly

  • CVE-2023-6119MedNov 16, 2023
    risk 0.42cvss 6.5epss 0.00

    An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. This is caused by GetSusp not correctly protecting a directory that it…

  • CVE-2023-0978MedMar 13, 2023
    risk 0.42cvss 6.4epss 0.00

    A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments…