An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. This is caused by GetSusp not correctly protecting a directory that it creates during execution, allowing an attacker to take over file handles used by GetSusp. As this runs with high privileges, the attacker gains elevated permissions. The file handles are opened as read-only.
References
Link | Resource |
---|---|
https://kcm.trellix.com/corporate/index?page=content&id=SB10412 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: trellix
Published: 2023-11-16T09:39:30.357Z
Updated: 2023-11-16T09:39:30.357Z
Reserved: 2023-11-14T09:37:31.829Z
Link: CVE-2023-6119
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-16T10:15:19.217
Modified: 2023-11-29T19:32:07.657
Link: CVE-2023-6119
JSON object: View
Redhat Information
No data.
CWE