📦

anti-malware_engine

Name: anti-malware_engine
Author: WatchStack

Vendor: trellix

Login to add this product to WatchStack

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 0.09% Exploit Prob.

Latest CVE CVE-2024-0206 Jan 09

Security Vulnerability Index

Page 1 / 1

7.1 CVSS

CVE-2024-0206

A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn't normally have permission to. After a scan, the Engine would follow the links and remove the files

EPSS: 0.09%

Severity: HIGH

Jan 09, 2024

Displaying 1 of 1 Total Entries

1

Total 1 Sections