CVE-2023-6119

Name of the Vulnerable Software and Affected Versions Trellix GetSusp versions prior to 5.0.0.27

Description The issue is caused by improper privilege management, allowing a local, low-privilege attacker to gain access to files that usually require a higher privilege level. This occurs because the software does not correctly protect a directory it creates during execution, enabling an attacker to take over file handles used by the software. As the software runs with high privileges, the attacker gains elevated permissions. The file handles are opened as read-only.

Recommendations For versions prior to 5.0.0.27, update to version 5.0.0.27 or later to resolve the issue.