Vulnerability Details: CVE-2022-4326
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.
Products affected by CVE-2022-4326
- cpe:2.3:a:trellix:endpoint_security:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-4326
- 0.04%: probability of exploitation activity in the next 30 days
- ~6%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-4326
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H | 0.8 | 5.2 | NIST | |
5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:H | 1.1 | 4.0 | Trellix | |
CWE ids for CVE-2022-4326
- The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
  Assigned by:
  - nvd@nist.gov (Primary)
  - trellixpsirt@trellix.com (Secondary)
References for CVE-2022-4326
- https://docs.trellix.com/bundle/xagent_35-31-22_rn/page/UUID-73c848e7-6107-fe11-d83d-b17bd5b1449c.html
  Announcements; Vendor Advisory