Unauthenticated Remote Code Execution Vulnerability in Trellix IPS Manager
CVE-2024-5671

9.8CRITICAL

Key Information:

Vendor
Trellix
Status
Intrusion Prevention System (ips) Manager
Vendor
CVE Published:
14 June 2024

Badges

📰 News Worthy

Summary

The Trellix IPS Manager has been found to have a critical security vulnerability, CVE-2024-5671, which allows unauthenticated remote attackers to perform arbitrary code execution, potentially giving them complete control over the affected systems. This vulnerability has a high impact on confidentiality, integrity, and availability and could result in data theft, service disruption, and compromise of the entire network managed by the Trellix IPS Manager. It is recommended that organizations using the affected versions of the Trellix IPS Manager apply patches immediately, enhance monitoring and detection capabilities, and restrict access to the IPS Manager from untrusted networks and sources. As of now, there are no known cases of CVE-2024-5671 being exploited in the wild.

Affected Version(s)

Intrusion Prevention System (IPS) Manager Prior to 11.1.x

News Articles

favicon imageCybersecurityNews

Critical Vulnerability in Trellix IPS Manager Flaw Allows Remote Code Execution

Trellix has patched a critical security vulnerability in its Intrusion Prevention System (IPS) Manager, CVE-2024-5671.

References

https://thrive.trellix.com/s/article/000013623

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 📰

    First article discovered by CybersecurityNews

  • Vulnerability published

  • Vulnerability Reserved

Credit

Kentaro Kawane
.