CVE-2022-4326 MEDIUM

CVE-2022-4326: Trellix xAgent permission bypass vulnerability

Vendor Trellix
Product xAgent
Weakness CWE-281
Published December 16, 2022
Last update April 14, 2025

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.

Key dates

02Disclosure timeline

December 16, 2022 CVE published
April 14, 2025 Record updated