Trellix · Ta · CVE-2023-0976
**Name of the Vulnerable Software and Affected Versions**
TA for mac-OS versions prior to 5.7.9
**Description**
A command injection issue allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree.
**Recommendations**
For versions prior to 5.7.9, update to version 5.7.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the TA deployment feature in the System Tree to minimize the risk of exploitation.