Lucene search
K

209 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/09 5:55 a.m.8 views

Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (April 2025)

Overview Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Trend Micro Apex Central 2019 Information Disclosure due to...

7.8CVSS6.6AI score0.00299EPSS
Exploits0References11
Zero Day Initiative
Zero Day Initiative
added 2025/04/09 12:0 a.m.8 views

Trend Micro Deep Security Anti-Malware Solution Platform Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.3AI score0.00156EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/04/09 12:0 a.m.6 views

Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Trend...

7.8CVSS7.3AI score0.00156EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/04/09 12:0 a.m.6 views

Trend Micro Deep Security Agent Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Deep Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

5.5CVSS6.7AI score0.00139EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/04 12:0 a.m.11 views

The vulnerability of the Anti-Malware module of the Trend Micro Deep Security Agent allows a hacker to increase their privileges.

The vulnerability of the Anti-Malware module of the Trend Micro Deep Security Agent is related to an incorrect definition of the link before accessing a file. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS7.2AI score0.00156EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/04 12:0 a.m.9 views

The vulnerability of Trend Micro Deep Security Agent lies in its improper handling of file access links, which allows attackers to trigger a service failure.

The vulnerability of the Trend Micro Deep Security Agent lies in the improper handling of the link before accessing a file. Exploiting this vulnerability can allow an attacker to trigger a service failure...

5.5CVSS5.9AI score0.00139EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/04 12:0 a.m.7 views

The vulnerability of Trend Micro Deep Security Agent lies in its improper handling of file access links, which allows attackers to escalate their privileges.

The vulnerability of the Trend Micro Deep Security Agent lies in the incorrect handling of the link before accessing a file. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.2AI score0.00156EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 4:48 a.m.6 views

CVE-2024-36358

A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...

7.8CVSS7.1AI score0.00532EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:32 p.m.6 views

CVE-2024-48903

An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS7.2AI score0.00745EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/01/08 12:0 a.m.9 views

Trend Micro Deep Security Agent Incorrect Permissions Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Subsequent user interaction on the...

6.7CVSS7.1AI score0.00133EPSS
Exploits0References1
OSV
OSV
added 2024/12/31 5:15 p.m.3 views

CVE-2024-55955

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...

7.3CVSS6AI score0.00133EPSS
Exploits0References1
NVD
NVD
added 2024/12/31 5:15 p.m.45 views

CVE-2024-55955

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...

7.3CVSS0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/31 4:19 p.m.42 views

CVE-2024-55955

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...

6.7CVSS0.00133EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/31 4:19 p.m.18 views

CVE-2024-55955

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...

6.7CVSS6.7AI score0.00133EPSS
Exploits0References1
CVE
CVE
added 2024/12/31 4:19 p.m.89 views

CVE-2024-55955

Trend Micro Deep Security Agent (20.0.1-9400 to 20.0.1-23340) is affected by an incorrect permissions assignment issue that can allow a local attacker to escalate privileges. The root cause is incorrect permissions set on a product folder created by the installer. An attacker must first run code ...

7.3CVSS7.2AI score0.00133EPSS
Exploits0References1Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/12/25 2:28 a.m.3 views

Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element

Overview Trend Micro Incorporated has released the security updates for Deep Security 20.0 Agent for Windows that contains a fix for an uncontrolled search path element vulnerability CWE-427, CVE-2024-55955. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the...

7.3CVSS6.6AI score0.00133EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/24 12:0 a.m.4 views

Trend Micro Deep Security 安全漏洞

Trend Micro Deep Security is a server deep security protection system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security that stems from the inclusion of a privilege assignment error vulnerability that could allow a local attacker to elevate the privileges of an...

7.3CVSS6.3AI score0.00133EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/19 12:0 a.m.10 views

PT-2024-41129 · Trend Micro · Trend Micro Deep Security Agent

Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Security Agent affected versions not specified Description: The issue is related to an incorrect link resolution before accessing a file, which can lead to a denial-of-service condition when exploited. Recommendations: At the...

5.5CVSS6.1AI score0.00139EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/12/19 12:0 a.m.12 views

PT-2024-36618 · Trend Micro · Trend Micro Deep Security Agent

Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Security Agent versions 20.0.1-9400 through 20.0.1-23340 Description: An incorrect permissions assignment issue could allow a local attacker to escalate privileges on affected installations. To exploit this issue, an attacker...

6.7CVSS7.5AI score0.00133EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/12/06 3:11 a.m.3 views

Trend Micro Deep Security Agent for Windows and Deep Security Notifier on DSVA vulnerable to OS command injection

Overview Trend Micro Incorporated has released the security updates for Deep Security Agent for Windows and Deep Security Notifier on DSVA for Windows VM to fix an OS command injection vulnerability CWE-78, CVE-2024-48903. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notif...

9.8CVSS8AI score0.19633EPSS
Exploits0References6
Rows per page
Query Builder