CVE-2025-7958
highCVSS v3 Base Score
7.1
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
Attack Characteristics
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Vulnerability Report
Generated by CyberWatcher
Description
A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details.
CWE
CWE-94Affected Products
Trellix Trellix Network Security NX, EX, FX, AX, and CMS