CVE-2025-14963
- EPSS 0.02%
- Veröffentlicht 24.02.2026 17:11:06
- Zuletzt bearbeitet 26.02.2026 18:39:44
A vulnerability identified in the HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. Utilization of a Bring Your Own Vulnerable Driver (BYOVD) was leveraged to gain access to ...
CVE-2025-0664
- EPSS 0.04%
- Veröffentlicht 21.07.2025 07:15:23
- Zuletzt bearbeitet 22.07.2025 13:06:07
A locally authenticated, privileged user can craft a malicious OpenSSL configuration file, potentially leading the agent to load an arbitrary local library. This may impair endpoint defenses and allow the attacker to achieve code execution with SYSTE...
CVE-2023-3665
- EPSS 0.08%
- Veröffentlicht 04.10.2023 15:15:12
- Zuletzt bearbeitet 21.11.2024 08:17:47
A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables, leading to denial of service and or the execution of arbitrary code.
- EPSS 0.03%
- Veröffentlicht 16.12.2022 16:15:25
- Zuletzt bearbeitet 21.11.2024 07:35:03
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied perm...