CVE-2023-0978 — Command Injection in Intelligent Sandbox

CWE-77 — Command Injection8 documents6 sources

Severity

6.7MEDIUMNVD

CNA6.4

EPSS

0.7%

top 27.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trellix Intelligent Sandbox Mcafee Advanced Threat Defense Trellix Intelligent Sandbox

Timeline

PublishedMar 13

Latest updateNov 13

Description

A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI command. The vulnerability allows the attack

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5trellix/trellix_intelligent_sandbox 5.0 — 5.2

▶NVDtrellix/intelligent_sandbox5.0, 5.2+1

▶NVDmcafee/advanced_threat_defense4.0 — 4.14.2

🔴Vulnerability Details

GHSA

GHSA-xvgp-q85q-wcrm: A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5↗2023-03-13

▶

CVEList

CVE-2023-0978: A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5↗2023-03-13

▶

🕵️Threat Intelligence

Unit42

In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884 and CVE-2023-36584↗2023-11-13

▶