{"api_version":"1","generated_at":"2026-04-22T22:32:40+00:00","cve":"CVE-2022-3859","urls":{"html":"https://cve.report/CVE-2022-3859","api":"https://cve.report/api/cve/CVE-2022-3859.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-3859","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-3859"},"summary":{"title":"CVE-2022-3859","description":"An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there.","state":"PUBLIC","assigner":"trellixpsirt@trellix.com","published_at":"2022-11-30 09:15:00","updated_at":"2023-11-07 03:51:00"},"problem_types":["CWE-427"],"metrics":[],"references":[{"url":"https://kcm.trellix.com/corporate/index?page=content&id=SB10391","name":"https://kcm.trellix.com/corporate/index?page=content&id=SB10391","refsource":"MISC","tags":[],"title":"Security Bulletin – Trellix Agent (TA) for Windows fixes one vulnerability (CVE-2022-3859)","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-3859","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3859","name":"NVD vulnerability 
detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"3859","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trellix","cpe5":"agent","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"windows","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2022-3859","ASSIGNER":"trellixpsirt@trellix.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-427: Uncontrolled Search Path Element"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Trellix","product":{"product_data":[{"product_name":"Trellix Agent","version":{"version_data":[{"version_value":"5.x","version_affected":"="}]}}]}}]}},"references":{"reference_data":[{"url":"https://kcm.trellix.com/corporate/index?page=content&id=SB10391","refsource":"MISC","name":"https://kcm.trellix.com/corporate/index?page=content&id=SB10391"}]},"generator":{"engine":"Vulnogram 
0.1.0-dev"},"source":{"discovery":"UNKNOWN"},"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.7,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}]}},"nvd":{"publishedDate":"2022-11-30 09:15:00","lastModifiedDate":"2023-11-07 03:51:00","problem_types":["CWE-427"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":6.7,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:trellix:agent:*:*:*:*:windows:*:*:*","versionEndExcluding":"5.7.8","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}