Lucene search
HistorySep 28, 2022 - 9:15 p.m.
CVE-2022-40709
out-of-bounds read
trend micro deep security
cloud one
workload security
windows
sensitive information disclosure
low-privileged code
cve-2022-40709
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
0
Percentile
15.9%
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708.
Affected configurations
Node
trendmicrodeep_security_agentMatch20.0-long_term_support
ORtrendmicrodeep_security_agentMatch20.0update1337long_term_support
ORtrendmicrodeep_security_agentMatch20.0update1559long_term_support
ORtrendmicrodeep_security_agentMatch20.0update158long_term_support
ORtrendmicrodeep_security_agentMatch20.0update167long_term_support
ORtrendmicrodeep_security_agentMatch20.0update1681long_term_support
ORtrendmicrodeep_security_agentMatch20.0update173long_term_support
ORtrendmicrodeep_security_agentMatch20.0update180long_term_support
ORtrendmicrodeep_security_agentMatch20.0update182long_term_support
ORtrendmicrodeep_security_agentMatch20.0update1822long_term_support
ORtrendmicrodeep_security_agentMatch20.0update183long_term_support
ORtrendmicrodeep_security_agentMatch20.0update1876long_term_support
ORtrendmicrodeep_security_agentMatch20.0update190long_term_support
ORtrendmicrodeep_security_agentMatch20.0update198long_term_support
ORtrendmicrodeep_security_agentMatch20.0update2009long_term_support
ORtrendmicrodeep_security_agentMatch20.0update208long_term_support
ORtrendmicrodeep_security_agentMatch20.0update213long_term_support
ORtrendmicrodeep_security_agentMatch20.0update2204long_term_support
ORtrendmicrodeep_security_agentMatch20.0update223long_term_support
ORtrendmicrodeep_security_agentMatch20.0update224long_term_support
ORtrendmicrodeep_security_agentMatch20.0update2419long_term_support
ORtrendmicrodeep_security_agentMatch20.0update2593long_term_support
ORtrendmicrodeep_security_agentMatch20.0update2740long_term_support
ORtrendmicrodeep_security_agentMatch20.0update2921long_term_support
ORtrendmicrodeep_security_agentMatch20.0update3165long_term_support
ORtrendmicrodeep_security_agentMatch20.0update3288long_term_support
ORtrendmicrodeep_security_agentMatch20.0update3445long_term_support
ORtrendmicrodeep_security_agentMatch20.0update3530long_term_support
ORtrendmicrodeep_security_agentMatch20.0update3771long_term_support
ORtrendmicrodeep_security_agentMatch20.0update3964long_term_support
ORtrendmicrodeep_security_agentMatch20.0update4185long_term_support
ORtrendmicrodeep_security_agentMatch20.0update4416long_term_support
ORtrendmicrodeep_security_agentMatch20.0update4726long_term_support
ORtrendmicrodeep_security_agentMatch20.0update4959long_term_support
ORtrendmicrodeep_security_agentMatch20.0update5137long_term_support
ORtrendmicrodeep_security_agentMatch20.0update877long_term_support
microsoftwindowsMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| trendmicro | deep_security_agent | 20.0 | cpe:2.3:a:trendmicro:deep_security_agent:20.0:-:*:*:long_term_support:*:*:* |
| trendmicro | deep_security_agent | 20.0 | cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1337:*:*:long_term_support:*:*:* |
| trendmicro | deep_security_agent | 20.0 | cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1559:*:*:long_term_support:*:*:* |
| trendmicro | deep_security_agent | 20.0 | cpe:2.3:a:trendmicro:deep_security_agent:20.0:update158:*:*:long_term_support:*:*:* |
| trendmicro | deep_security_agent | 20.0 | cpe:2.3:a:trendmicro:deep_security_agent:20.0:update167:*:*:long_term_support:*:*:* |
| trendmicro | deep_security_agent | 20.0 | cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1681:*:*:long_term_support:*:*:* |
| trendmicro | deep_security_agent | 20.0 | cpe:2.3:a:trendmicro:deep_security_agent:20.0:update173:*:*:long_term_support:*:*:* |
| trendmicro | deep_security_agent | 20.0 | cpe:2.3:a:trendmicro:deep_security_agent:20.0:update180:*:*:long_term_support:*:*:* |
| trendmicro | deep_security_agent | 20.0 | cpe:2.3:a:trendmicro:deep_security_agent:20.0:update182:*:*:long_term_support:*:*:* |
| trendmicro | deep_security_agent | 20.0 | cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1822:*:*:long_term_support:*:*:* |
Related
prion
prion
Design/Logic Flaw
2022-09-28 21:15:00
Design/Logic Flaw
2022-09-28 21:15:00
Design/Logic Flaw
2022-09-28 21:15:00
cvelist
cvelist
cve
cve
zdi
zdi
nvd
nvd
CVE-2022-40707
2022-09-28 21:15:14
CVE-2022-40708
2022-09-28 21:15:15
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
0
Percentile
15.9%
Related for NVD:CVE-2022-40709