📦

getsusp

Name: getsusp
Author: WatchStack

Vendor: trellix

Login to add this product to WatchStack

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 0.03% Exploit Prob.

Latest CVE CVE-2023-6119 Nov 16

Security Vulnerability Index

Page 1 / 1

6.5 CVSS

CVE-2023-6119

An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. This is caused by GetSusp not correctly protecting a directory that it creates during execution, allowing an attacker to take over file handles used by GetSusp. As this runs with high privileges, the attacker gains elevated permissions. The file handles are opened as read-only.

EPSS: 0.03%

Severity: MEDIUM

Nov 16, 2023

Displaying 1 of 1 Total Entries

1

Total 1 Sections