The host is installed with Trellix Agent through 5.7.8 and is prone to a command injection vulnerability. A flaw is present in the application, which fails to properly handle an issue in unspecified vectors. Successful exploitation could allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree.