Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Trellix xAgent permission bypass vulnerability
Vulnerability Description
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:H
Vulnerability Type
权限预留不恰当
Vulnerability Title
Trellix Agent 安全漏洞
Vulnerability Description
Trellix Agent是美国火眼(Trellix)公司的一个客户端组件。提供 McAfee ePolicy Orchestrator(McAfee ePO)和托管产品之间的安全通信。 Trellix Agent V35.31.22之前的版本存在安全漏洞,该漏洞源于其允许具有管理员权限的本地用户绕过产品保护,通过删除保护功能中错误应用的权限卸载代理。
CVSS Information
N/A
Vulnerability Type
N/A