Lucene search
K

296 matches found

OSV
OSV
added 2024/10/22 7:15 p.m.6 views

CVE-2024-48903

An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS5.8AI score0.00745EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/22 6:28 p.m.14 views

CVE-2024-48903

An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS7.2AI score0.00745EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.6 views

Trend Micro Deep Security Agent 安全漏洞

Trend Micro Deep Security Agent is a security solution from Trend Micro, Inc. that is primarily used to protect data and applications in servers, virtual machines, and cloud environments. A security vulnerability exists in versions prior to Trend Micro Deep Security Agent 20.0.1-17380, which stem...

7.8CVSS6.4AI score0.00745EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/17 12:0 a.m.8 views

PT-2024-33260 · Trend Micro · Trend Micro Deep Security Agent

Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Security Agent version 20 Description: An improper access control vulnerability could allow a local attacker to escalate privileges on affected installations. To exploit this issue, an attacker must first obtain the ability t...

7.8CVSS6.5AI score0.00745EPSS
Exploits0References10
Securelist
Securelist
added 2024/09/05 8:0 a.m.54 views

Tropic Trooper spies on government entities in the Middle East

Executive summary Tropic Trooper also known as KeyBoy and Pirate Panda is an APT group active since 2011. This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong. Our recent investigation has...

9.1CVSS8.4AI score0.99999EPSS
Exploits31
Positive Technologies
Positive Technologies
added 2024/09/05 12:0 a.m.18 views

PT-2024-41128 · Trend Micro · Trend Micro Deep Security Agent

Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Security Agent affected versions not specified Description: The issue is related to incorrect link resolution before accessing a file, which can be exploited to potentially allow an attacker to escalate their privileges...

7.8CVSS6.3AI score0.00156EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/09/05 12:0 a.m.15 views

PT-2024-41127 · Trend Micro · Trend Micro Deep Security Agent

Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Security Agent affected versions not specified Description: The issue is related to incorrect link resolution before file access in the Anti-Malware module of Trend Micro Deep Security Agent, which could allow an attacker to...

7.8CVSS6.3AI score0.00156EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.8 views

The vulnerability of the Anti-Malware module of the Trend Micro Deep Security Agent operating system for Windows allows a malicious actor to escalate their privileges and execute arbitrary code.

The vulnerability of the Anti-Malware module of the Trend Micro Deep Security Agent antivirus protection software for Windows operating systems is related to an incorrect determination of the link before accessing a file. Exploiting this vulnerability can allow attackers to enhance their privileg...

7.8CVSS7.5AI score0.00532EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/04 12:0 a.m.5 views

The vulnerability of the ApexOne Security Agent for antivirus software from Trend Micro’s Apex One and Apex One as a Service allows attackers to execute arbitrary code and gain elevated privileges.

The vulnerability of the ApexOne Security Agent in antivirus software products Trend Micro Apex One and Apex One as a Service is related to deficiencies in access control for the Suspect folder. Exploiting this vulnerability can allow attackers to execute arbitrary code and increase their...

7.8CVSS7.6AI score0.00629EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/06/20 5:59 a.m.5 views

Multiple vulnerabilities in multiple Trend Micro products

Overview Trend Micro Incorporated has released security updates for multiple Trend Micro products. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Apex One 2019 On-prem, Apex One as a Service Local privilege escalation due ...

7.8CVSS6.3AI score0.00889EPSS
Exploits0References13
CVE
CVE
added 2024/06/10 9:21 p.m.73 views

CVE-2024-36307

Trend Micro Apex One and Apex One as a Service are affected by CVE-2024-36307, an information-disclosure vulnerability that can be triggered by a local attacker who first has low-privilege code execution. Several sources describe the root cause as related to improper link handling/“link following...

5.5CVSS6.5AI score0.0078EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/10 9:21 p.m.34 views

CVE-2024-36305

A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS0.00889EPSS
Exploits0References2
CVE
CVE
added 2024/06/10 9:21 p.m.72 views

CVE-2024-36305

CVE-2024-36305 concerns a local privilege-escalation in Trend Micro Apex One (on-premise/Apex One as a service) via a security agent link following vulnerability. The issue enables a local attacker, who already has low-privilege code execution, to escalate privileges on affected installations. Th...

7.8CVSS7.2AI score0.00889EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/10 9:20 p.m.27 views

CVE-2024-36303

An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS7.1AI score0.00354EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/10 9:20 p.m.23 views

CVE-2024-36302

An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS8AI score0.00552EPSS
Exploits0References2
CVE
CVE
added 2024/06/10 9:20 p.m.69 views

CVE-2024-36302

Affected product/tech : Trend Micro Apex One security agent. Vulnerability type and root cause : Local privilege escalation via an origin validation error in the Apex One security agent (CVE-2024-36302). The vulnerability exploits an origin validation weakness to elevate privileges on the host. I...

7.8CVSS7.2AI score0.00552EPSS
Exploits0References2Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2024/06/06 12:0 a.m.20 views

Trend Micro Apex One Security Agent Link Following Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

4.7CVSS6.4AI score0.0078EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/06/06 12:0 a.m.14 views

Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Apex One...

7.8CVSS7.5AI score0.00629EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/06/06 12:0 a.m.21 views

Trend Micro Apex One Damage Cleanup Engine Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific fl...

6.1CVSS6.9AI score0.00614EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/06/06 12:0 a.m.16 views

Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS7.5AI score0.00401EPSS
Exploits0References1
Rows per page
Query Builder