Persistent Denial of Service Vulnerability in FireEye EDR Agent by Trellix
CVE-2025-0618
6.5MEDIUM
Key Information:
- Vendor
- Trellix
- Status
- Fireeye Edr Hx
- Vendor
- CVE Published:
- 23 April 2025
Summary
The FireEye EDR Agent is susceptible to a persistent denial of service vulnerability, enabling a malicious actor to send a crafted tamper protection event to the HX service. This action can trigger an exception that halts the processing of subsequent tamper protection events indefinitely, even across system reboots. This vulnerability underscores the critical need for robust monitoring and timely updates to maintain system integrity and operational continuity.
Affected Version(s)
FireEye EDR HX HX 10.0.0
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved