Lucene search

[email protected]NVD:CVE-2022-40708

HistorySep 28, 2022 - 9:15 p.m.

CVE-2022-40708

2022-09-2821:15:15

CWE-125

[email protected]

web.nvd.nist.gov

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

16.0%

JSON

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707.

Affected configurations

NVD

Node

trendmicrodeep_security_agentMatch20.0-long_term_support

trendmicrodeep_security_agentMatch20.0update1337long_term_support

trendmicrodeep_security_agentMatch20.0update1559long_term_support

trendmicrodeep_security_agentMatch20.0update158long_term_support

trendmicrodeep_security_agentMatch20.0update167long_term_support

trendmicrodeep_security_agentMatch20.0update1681long_term_support

trendmicrodeep_security_agentMatch20.0update173long_term_support

trendmicrodeep_security_agentMatch20.0update180long_term_support

trendmicrodeep_security_agentMatch20.0update182long_term_support

trendmicrodeep_security_agentMatch20.0update1822long_term_support

trendmicrodeep_security_agentMatch20.0update183long_term_support

trendmicrodeep_security_agentMatch20.0update1876long_term_support

trendmicrodeep_security_agentMatch20.0update190long_term_support

trendmicrodeep_security_agentMatch20.0update198long_term_support

trendmicrodeep_security_agentMatch20.0update2009long_term_support

trendmicrodeep_security_agentMatch20.0update208long_term_support

trendmicrodeep_security_agentMatch20.0update213long_term_support

trendmicrodeep_security_agentMatch20.0update2204long_term_support

trendmicrodeep_security_agentMatch20.0update223long_term_support

trendmicrodeep_security_agentMatch20.0update224long_term_support

trendmicrodeep_security_agentMatch20.0update2419long_term_support

trendmicrodeep_security_agentMatch20.0update2593long_term_support

trendmicrodeep_security_agentMatch20.0update2740long_term_support

trendmicrodeep_security_agentMatch20.0update2921long_term_support

trendmicrodeep_security_agentMatch20.0update3165long_term_support

trendmicrodeep_security_agentMatch20.0update3288long_term_support

trendmicrodeep_security_agentMatch20.0update3445long_term_support

trendmicrodeep_security_agentMatch20.0update3530long_term_support

trendmicrodeep_security_agentMatch20.0update3771long_term_support

trendmicrodeep_security_agentMatch20.0update3964long_term_support

trendmicrodeep_security_agentMatch20.0update4185long_term_support

trendmicrodeep_security_agentMatch20.0update4416long_term_support

trendmicrodeep_security_agentMatch20.0update4726long_term_support

trendmicrodeep_security_agentMatch20.0update4959long_term_support

trendmicrodeep_security_agentMatch20.0update5137long_term_support

trendmicrodeep_security_agentMatch20.0update877long_term_support

AND

microsoftwindowsMatch-

References

success.trendmicro.com/solution/000291590

www.zerodayinitiative.com/advisories/ZDI-22-1298/

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

16.0%

JSON

Related for NVD:CVE-2022-40708

cve3 prion3 cvelist3 nvd2 zdi2