vulnerability

Trellix Agent: CVE-2022-3859: CWE-427: Uncontrolled Search Path Element

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Nov 30, 2022

Added

Apr 4, 2023

Modified

Aug 11, 2025

Description

An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there.

Solution

trellix-agent-upgrade-5-7-8-262

References

CVE-2022-3859
https://attackerkb.com/topics/CVE-2022-3859
CWE-427
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3859
https://kcm.trellix.com/corporate/index?page=content&id=SB10391
https://nvd.nist.gov/vuln/detail/CVE-2022-3859

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report