Uncontrolled search path vulnerability in Trellix Agent - CVE-2022-3859ID: oval:org.secpod.oval:def:91227 | Date: (C)2023-07-20 (M)2023-11-13 |
Class: VULNERABILITY | Family: windows |
The host is installed with Trellix Agent through 5.7.8 and is prone to an uncontrolled search path vulnerability. A flaw is present in the application, which fails to properly handle an issue in unspecified vectors. Successful exploitation could allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there.
Platform: |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |