Elevated Privilege Vulnerability in Trellix HX Agent Driver
CVE-2025-14963

6.2MEDIUM

Key Information:

Vendor: Trellix
Status: Endpoint Hx Agent (xagent)
Vendor: CVE Published:; 24 February 2026

What is CVE-2025-14963?

A vulnerability within the driver file fekern.sys in the Trellix HX Agent allows a local user with access to elevate their system privileges. This vulnerability can be exploited through a Bring Your Own Vulnerable Driver (BYOVD) technique to gain control over the critical lsass.exe process. However, the driver itself is not directly exploitable as the tamper protection of the HX Agent restricts its interaction to only the agent’s processes, safeguarding against potential misuse.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Endpoint HX Agent (xAgent) 36.30.0-17, 35.31.0-37, 34.x, 33.x and 30.x

References

https://thrive.trellix.com/s/article/000015100

CVSS V4

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Feb 24, 2026
Vulnerability Reserved
Dec 19, 2025

JSON

Trellix

What is CVE-2025-14963?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.