First published: Mon Apr 03 2023(Updated: )
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions.
Credit: trellixpsirt@trellix.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trellix Agent | <=5.7.8 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-0975.
The severity of CVE-2023-0975 is high.
The affected software for CVE-2023-0975 is Trellix Agent for Windows version 5.7.8 and earlier.
CVE-2023-0975 allows local users to replace one of the Agent's executables during the install/upgrade workflow, enabling them to elevate their permissions.
No, Microsoft Windows is not affected by CVE-2023-0975.
To fix CVE-2023-0975, it is recommended to update to a version of Trellix Agent for Windows that is newer than 5.7.8.
You can find more information about CVE-2023-0975 [here](https://kcm.trellix.com/corporate/index?page=content&id=SB10396).
The CWE ID for CVE-2023-0975 is CWE-281.