Vulnerabilities > Trellix > Endpoint Security
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-04 | CVE-2023-3665 | Code Injection vulnerability in Trellix Endpoint Security A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables, leading to denial of service and or the execution of arbitrary code. | 7.8 |
| 2022-12-16 | CVE-2022-4326 | Improper Preservation of Permissions vulnerability in Trellix Endpoint Security Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality. | 6.0 |