This vulnerability (CVE-2025-7958) involves improper control of code generation (CWE-94) in Trellix Network Security CM and NX products. A local admin user can leverage the web interface and alert artifact details to inject and execute arbitrary code. The affected version explicitly identified is 10.0.4. The CVSS 4.0 vector indicates the attack requires local access with high privileges but no user interaction, and the impact on confidentiality, integrity, and availability is high. The vendor has not yet provided an official fix or remediation level, and no cloud service is involved.

Successful exploitation allows a locally authenticated administrator to execute arbitrary code on the affected system, potentially compromising system integrity and confidentiality. This could lead to full control over the affected Trellix Network Security appliance. The vulnerability does not appear to be exploitable remotely or without admin privileges. No known exploits have been reported in the wild.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict local admin access to trusted personnel only. Monitor vendor communications for updates on patches or official mitigations. No cloud service is involved, so remediation depends on vendor patch availability.