CVE-2022-3859

Name of the Vulnerable Software and Affected Versions Trellix Agent (TA) for Windows versions prior to 5.7.8

Description An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows. This allows an attacker with admin access to elevate their privileges to System by placing a malicious DLL in the restricted Windows System folder. The attacker must have admin access to place the DLL in the restricted folder.

Recommendations For versions prior to 5.7.8, update to version 5.7.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the Windows System folder to minimize the risk of exploitation.