209 matches found
Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (April 2025)
Overview Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Trend Micro Apex Central 2019 Information Disclosure due to...
Trend Micro Deep Security Anti-Malware Solution Platform Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Trend...
Trend Micro Deep Security Agent Link Following Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Deep Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
The vulnerability of the Anti-Malware module of the Trend Micro Deep Security Agent allows a hacker to increase their privileges.
The vulnerability of the Anti-Malware module of the Trend Micro Deep Security Agent is related to an incorrect definition of the link before accessing a file. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of Trend Micro Deep Security Agent lies in its improper handling of file access links, which allows attackers to trigger a service failure.
The vulnerability of the Trend Micro Deep Security Agent lies in the improper handling of the link before accessing a file. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of Trend Micro Deep Security Agent lies in its improper handling of file access links, which allows attackers to escalate their privileges.
The vulnerability of the Trend Micro Deep Security Agent lies in the incorrect handling of the link before accessing a file. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2024-36358
A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...
CVE-2024-48903
An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
Trend Micro Deep Security Agent Incorrect Permissions Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Subsequent user interaction on the...
CVE-2024-55955
An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...
CVE-2024-55955
An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...
CVE-2024-55955
An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...
CVE-2024-55955
An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...
CVE-2024-55955
Trend Micro Deep Security Agent (20.0.1-9400 to 20.0.1-23340) is affected by an incorrect permissions assignment issue that can allow a local attacker to escalate privileges. The root cause is incorrect permissions set on a product folder created by the installer. An attacker must first run code ...
Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element
Overview Trend Micro Incorporated has released the security updates for Deep Security 20.0 Agent for Windows that contains a fix for an uncontrolled search path element vulnerability CWE-427, CVE-2024-55955. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the...
Trend Micro Deep Security 安全漏洞
Trend Micro Deep Security is a server deep security protection system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security that stems from the inclusion of a privilege assignment error vulnerability that could allow a local attacker to elevate the privileges of an...
PT-2024-41129 · Trend Micro · Trend Micro Deep Security Agent
Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Security Agent affected versions not specified Description: The issue is related to an incorrect link resolution before accessing a file, which can lead to a denial-of-service condition when exploited. Recommendations: At the...
PT-2024-36618 · Trend Micro · Trend Micro Deep Security Agent
Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Security Agent versions 20.0.1-9400 through 20.0.1-23340 Description: An incorrect permissions assignment issue could allow a local attacker to escalate privileges on affected installations. To exploit this issue, an attacker...
Trend Micro Deep Security Agent for Windows and Deep Security Notifier on DSVA vulnerable to OS command injection
Overview Trend Micro Incorporated has released the security updates for Deep Security Agent for Windows and Deep Security Notifier on DSVA for Windows VM to fix an OS command injection vulnerability CWE-78, CVE-2024-48903. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notif...