CVE-2025-14963 - Trellix HX Agent Local Privilege Escalation (LSE) Vulnerability

CVE ID : CVE-2025-14963 Published : Feb. 24, 2026, 6:29 p.m. | 2 minutes ago Description : A vulnerability identified in the Trellix HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. Utilization of a Bring Your Own Vulnerable Driver (BYOVD) was leveraged to gain access to the critical Windows process memory lsass.exe (Local Security Authority Subsystem Service). The fekern.sys; a driver file associated with Trellix HX Agent (used in all existing HX Agent versions).   The vulnerable driver installed in a product or a system running fully functional HX Agent is, itself, not exploitable as the product’s tamper protection restricts the ability to communicate with the driver to only the agent’s processes. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...