PT-2022-26814 · Trellix · Trellix Endpoint Agent
Matt Depaepe
·
Published
2022-12-16
·
Updated
2022-12-21
·
CVE-2022-4326
CVSS v3.1
6.0
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Trellix Endpoint Agent (xAgent) versions prior to V35.31.22
Description
The issue is related to improper preservation of permissions, allowing a local user with administrator privileges to bypass product protection. This can lead to the uninstallation of the agent via incorrectly applied permissions in the removal protection functionality.
Recommendations
For versions prior to V35.31.22, update to version V35.31.22 or later to resolve the issue.
Fix
Improper Preservation of Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Trellix Endpoint Agent