vulnerability

McAfee Endpoint Security Platform: CVE-2023-3665: Trellix Endpoint Security (ENS) 10.7.0 September 2023 Update, fixes one vulnerability (SB10405)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:L/AC:L/Au:S/C:N/I:C/A:N)	2023-09-22	2024-12-09	2024-12-11

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:C/A:N)

Published

2023-09-22

Added

2024-12-09

Modified

2024-12-11

Description

A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables, leading to denial of service and or the execution of arbitrary code.

Solution

mcafee-endpoint-security-platform-upgrade-10-7-0-6149

References

CVE-2023-3665
https://attackerkb.com/topics/CVE-2023-3665
MCAFEE-SB10405

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today