Privilege Escalation Vulnerability in Trellix Windows DLP Endpoint
CVE-2023-4814

7.1HIGH

Key Information:

Vendor: Trellix
Status: Data Loss Prevention Endpoint for Windows
Vendor: CVE Published:; 14 September 2023

What is CVE-2023-4814?

A privilege escalation vulnerability is present in the Trellix Windows DLP endpoint software, allowing attackers to exploit this flaw to delete any file or folder that the user does not have explicit permission to access. This vulnerability could potentially lead to unauthorized data manipulation and loss, posing significant risks to the integrity of the affected systems.

Affected Version(s)

Data Loss Prevention Endpoint for Windows Windows 11.10.100.17 < 11.10.101.32

References

https://kcm.trellix.com/corporate/index?page=content&id=S...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 14, 2023
Vulnerability Reserved
Sep 7, 2023

Credit

ekokh