First published: Thu Nov 16 2023(Updated: )
An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. This is caused by GetSusp not correctly protecting a directory that it creates during execution, allowing an attacker to take over file handles used by GetSusp. As this runs with high privileges, the attacker gains elevated permissions. The file handles are opened as read-only.
Credit: trellixpsirt@trellix.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trellix GetSusp | <5.0.0.27 |
Replace the version of GetSusp with version 5.0.0.27 or later.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-6119.
The severity of CVE-2023-6119 is high.
CVE-2023-6119 is an Improper Privilege Management vulnerability in Trellix GetSusp that allows a local, low privilege attacker to gain access to files that usually require a higher privilege level.
Trellix GetSusp prior to version 5.0.0.27 is affected by CVE-2023-6119.
Update Trellix GetSusp to version 5.0.0.27 or later to fix CVE-2023-6119.