Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2022-3859

An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there.

  • Published: Nov 30, 2022
  • Updated: Nov 8, 2023
  • CVE: CVE-2022-3859
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.7
  • AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
trellix / agent - 5.7.8