Buffer Overflow Vulnerability in TA for Linux and MacOS by Trellix
CVE-2024-0213

8.2HIGH

Key Information:

Vendor
Trellix
Status
Trellix Agent (TA)
Vendor
CVE Published:
9 January 2024

Summary

A buffer overflow vulnerability exists in TA for Linux and TA for MacOS versions prior to 5.8.1, allowing local users to exploit a memory corruption flaw in the TA service that runs with root privileges. Successful exploitation can lead to elevated permissions, enabling user actions that compromise system integrity, or result in a Denial of Service (DoS) scenario. Additionally, this vulnerability may hinder event reporting to the ePO by failing to validate input from files adequately, creating further security risks.

Affected Version(s)

Trellix Agent (TA) Prior to 5.8.1

References

https://kcm.trellix.com/corporate/index?page=content&id=S...

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Lockheed Martin Red Team
.
CVE-2024-0213 : Buffer Overflow Vulnerability in TA for Linux and MacOS by Trellix | SecurityVulnerability.io