CNNVD-202507-2602 Information

CNNVD ID

CNNVD-202507-2602

Related CVE

CVE-2025-0664

• CNNVD Published: 2025-07-21

Description (Chinese)

Trellix Endpoint Security（ENS）是美国火眼（Trellix）公司的一款终端安全解决方案。 Trellix Endpoint Security (HX) Agent存在代码注入漏洞，该漏洞源于特权用户可创建恶意OpenSSL配置文件，可能导致加载任意本地库并执行代码。

Description (English)

Tellix Endpoint Security is a terminal security solution for Trellix. Trellix Endpoint Security (HX) Agent has a code leak, which stems from the privileged user ’ s ability to create a malicious OpenSSL configuration file, which could lead to the loading of any local repository and the implementation of codes.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

火眼

Published

2025-07-21

Last Modified

2026-02-24

References

https://thrive.trellix.com/s/article/000014450