Vulnerabilities > Trellix > Agent
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2024-0213 | Classic Buffer Overflow vulnerability in Trellix Agent A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. | 7.8 |
| 2023-06-07 | CVE-2023-0976 | Uncontrolled Search Path Element vulnerability in Trellix Agent 5.7.7/5.7.8 A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. | 7.8 |
| 2023-06-07 | CVE-2023-1388 | Out-of-bounds Write vulnerability in Trellix Agent 5.7.7/5.7.8 A heap-based overflow vulnerability in TA prior to version 5.7.9 allows a remote user to alter the page heap in the macmnsvc process memory block, resulting in the service becoming unavailable. | 8.1 |
| 2023-04-03 | CVE-2023-0975 | Improper Preservation of Permissions vulnerability in Trellix Agent 5.7.7/5.7.8 A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. | 7.8 |
| 2023-04-03 | CVE-2023-0977 | Out-of-bounds Write vulnerability in Trellix Agent 5.7.7/5.7.8 A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable. | 6.5 |
| 2022-11-30 | CVE-2022-3859 | Uncontrolled Search Path Element vulnerability in Trellix Agent An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. | 6.7 |