Vulnerabilites related to trendmicro - deep_security
cve-2019-15627
Vulnerability from cvelistv5
Published
2019-10-17 19:09
Modified
2024-08-05 00:56
Severity ?
EPSS score ?
Summary
Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://success.trendmicro.com/solution/000149495 | x_refsource_CONFIRM | |
| http://packetstormsecurity.com/files/155579/Trend-Micro-Deep-Security-Agent-11-Arbitrary-File-Overwrite.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro | Deep Security Agent |
Version: 10.0 Version: 11.0 Version: 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:21.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000149495"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155579/Trend-Micro-Deep-Security-Agent-11-Arbitrary-File-Overwrite.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Deep Security Agent",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "10.0"
},
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local Arbitrary File Overwrite",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-06T17:06:10",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://success.trendmicro.com/solution/000149495"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155579/Trend-Micro-Deep-Security-Agent-11-Arbitrary-File-Overwrite.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2019-15627",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Deep Security Agent",
"version": {
"version_data": [
{
"version_value": "10.0"
},
{
"version_value": "11.0"
},
{
"version_value": "12.0"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local Arbitrary File Overwrite"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000149495",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/000149495"
},
{
"name": "http://packetstormsecurity.com/files/155579/Trend-Micro-Deep-Security-Agent-11-Arbitrary-File-Overwrite.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155579/Trend-Micro-Deep-Security-Agent-11-Arbitrary-File-Overwrite.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2019-15627",
"datePublished": "2019-10-17T19:09:33",
"dateReserved": "2019-08-26T00:00:00",
"dateUpdated": "2024-08-05T00:56:21.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52338
Vulnerability from cvelistv5
Published
2024-01-23 20:43
Modified
2024-08-02 22:55
Severity ?
EPSS score ?
Summary
A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro, Inc. | Trend Micro Deep Security Agent |
Version: 20.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:deep_security_agent:20.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "deep_security_agent",
"vendor": "trendmicro",
"versions": [
{
"lessThan": "20.0.0-8438",
"status": "affected",
"version": "20.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-22T19:14:09.238652Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T19:25:59.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-076/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Deep Security Agent",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "20.0.0-8438",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"providerMetadata": {
"dateUpdated": "2024-01-23T20:43:13.069Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-076/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2023-52338",
"datePublished": "2024-01-23T20:43:13.069Z",
"dateReserved": "2024-01-12T00:09:12.342Z",
"dateUpdated": "2024-08-02T22:55:41.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-8607
Vulnerability from cvelistv5
Published
2020-08-05 14:05
Modified
2024-08-04 10:03
Severity ?
EPSS score ?
Summary
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://success.trendmicro.com/solution/000260713 | x_refsource_MISC | |
| https://success.trendmicro.com/jp/solution/000260748 | x_refsource_MISC | |
| https://jvn.jp/vu/JVNVU99160193/ | x_refsource_MISC | |
| https://jvn.jp/en/vu/JVNVU99160193/index.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Trend Micro | Trend Micro Apex One |
Version: 2019 (On premise), SaaS |
||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000260713"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/jp/solution/000260748"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU99160193/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU99160193/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Apex One",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "2019 (On premise), SaaS"
}
]
},
{
"product": "Trend Micro OfficeScan",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "XG SP1"
}
]
},
{
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "12.x, 11.x. 10.x"
}
]
},
{
"product": "Trend Micro Worry-Free Business Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "10.0 SP1, Services (SaaS)"
}
]
},
{
"product": "Trend Micro Security (Consumer Family)",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "2020 (v16), 2019 (v15)"
}
]
},
{
"product": "Trend Micro Safe Lock",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "2.0 SP1, TXOne Ed"
}
]
},
{
"product": "Trend Micro ServerProtect",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "SPFS 6.0, SPNAF 5.8, SPEMC 5.8, SPNT 5.8"
}
]
},
{
"product": "Trend Micro Portable Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
},
{
"product": "Trend Micro HouseCall",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
},
{
"product": "Trend Micro Anti-Threat Toolkit (ATTK)",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "1.62.1240 and below"
}
]
},
{
"product": "Trend Micro Rootkit Buster",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "2.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-05T14:05:22",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000260713"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/jp/solution/000260748"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU99160193/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/vu/JVNVU99160193/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2020-8607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019 (On premise), SaaS"
}
]
}
},
{
"product_name": "Trend Micro OfficeScan",
"version": {
"version_data": [
{
"version_value": "XG SP1"
}
]
}
},
{
"product_name": "Trend Micro Deep Security",
"version": {
"version_data": [
{
"version_value": "12.x, 11.x. 10.x"
}
]
}
},
{
"product_name": "Trend Micro Worry-Free Business Security",
"version": {
"version_data": [
{
"version_value": "10.0 SP1, Services (SaaS)"
}
]
}
},
{
"product_name": "Trend Micro Security (Consumer Family)",
"version": {
"version_data": [
{
"version_value": "2020 (v16), 2019 (v15)"
}
]
}
},
{
"product_name": "Trend Micro Safe Lock",
"version": {
"version_data": [
{
"version_value": "2.0 SP1, TXOne Ed"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect",
"version": {
"version_data": [
{
"version_value": "SPFS 6.0, SPNAF 5.8, SPEMC 5.8, SPNT 5.8"
}
]
}
},
{
"product_name": "Trend Micro Portable Security",
"version": {
"version_data": [
{
"version_value": "3.x, 2.x"
}
]
}
},
{
"product_name": "Trend Micro HouseCall",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
},
{
"product_name": "Trend Micro Anti-Threat Toolkit (ATTK)",
"version": {
"version_data": [
{
"version_value": "1.62.1240 and below"
}
]
}
},
{
"product_name": "Trend Micro Rootkit Buster",
"version": {
"version_data": [
{
"version_value": "2.2"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000260713",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000260713"
},
{
"name": "https://success.trendmicro.com/jp/solution/000260748",
"refsource": "MISC",
"url": "https://success.trendmicro.com/jp/solution/000260748"
},
{
"name": "https://jvn.jp/vu/JVNVU99160193/",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU99160193/"
},
{
"name": "https://jvn.jp/en/vu/JVNVU99160193/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/vu/JVNVU99160193/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2020-8607",
"datePublished": "2020-08-05T14:05:23",
"dateReserved": "2020-02-04T00:00:00",
"dateUpdated": "2024-08-04T10:03:46.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-40709
Vulnerability from cvelistv5
Published
2022-09-28 21:10
Modified
2024-11-20 14:56
Severity ?
EPSS score ?
Summary
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708.
References
| ▼ | URL | Tags |
|---|---|---|
| https://success.trendmicro.com/solution/000291590 | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-22-1299/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro | Trend Micro Deep Security |
Version: 20 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.453Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1299/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40709",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-28T16:15:39.029523Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T14:56:09.409Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-Of-Bounds Read Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-28T21:10:24",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1299/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-40709",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Deep Security",
"version": {
"version_data": [
{
"version_value": "20"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-Of-Bounds Read Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000291590",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-1299/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1299/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2022-40709",
"datePublished": "2022-09-28T21:10:24",
"dateReserved": "2022-09-14T00:00:00",
"dateUpdated": "2024-11-20T14:56:09.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-40708
Vulnerability from cvelistv5
Published
2022-09-28 21:10
Modified
2024-08-03 12:21
Severity ?
EPSS score ?
Summary
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707.
References
| ▼ | URL | Tags |
|---|---|---|
| https://success.trendmicro.com/solution/000291590 | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-22-1298/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro | Trend Micro Deep Security |
Version: 20 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1298/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-Of-Bounds Read Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-28T21:10:23",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1298/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-40708",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Deep Security",
"version": {
"version_data": [
{
"version_value": "20"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-Of-Bounds Read Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000291590",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-1298/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1298/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2022-40708",
"datePublished": "2022-09-28T21:10:23",
"dateReserved": "2022-09-14T00:00:00",
"dateUpdated": "2024-08-03T12:21:46.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-40707
Vulnerability from cvelistv5
Published
2022-09-28 21:10
Modified
2024-08-03 12:21
Severity ?
EPSS score ?
Summary
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708.
References
| ▼ | URL | Tags |
|---|---|---|
| https://success.trendmicro.com/solution/000291590 | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-22-1297/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro | Trend Micro Deep Security |
Version: 20 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1297/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-Of-Bounds Read Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-28T21:10:22",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1297/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-40707",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Deep Security",
"version": {
"version_data": [
{
"version_value": "20"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-Of-Bounds Read Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000291590",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-1297/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1297/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2022-40707",
"datePublished": "2022-09-28T21:10:22",
"dateReserved": "2022-09-14T00:00:00",
"dateUpdated": "2024-08-03T12:21:46.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-40710
Vulnerability from cvelistv5
Published
2022-09-28 21:10
Modified
2024-08-03 12:21
Severity ?
EPSS score ?
Summary
A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://success.trendmicro.com/solution/000291590 | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-22-1296/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro | Trend Micro Deep Security |
Version: 20.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1296/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro",
"versions": [
{
"lessThan": "20.0.0.5394",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Link Following LPE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-02T18:29:35.010Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1296/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-40710",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Deep Security",
"version": {
"version_data": [
{
"version_value": "20"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Link Following LPE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000291590",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000291590"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-1296/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1296/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2022-40710",
"datePublished": "2022-09-28T21:10:25",
"dateReserved": "2022-09-14T00:00:00",
"dateUpdated": "2024-08-03T12:21:46.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52337
Vulnerability from cvelistv5
Published
2024-01-23 20:42
Modified
2024-08-02 22:55
Severity ?
EPSS score ?
Summary
An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro, Inc. | Trend Micro Deep Security Agent |
Version: 20.0 ≤ |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-075/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Deep Security Agent",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "20.0.0-8438",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"providerMetadata": {
"dateUpdated": "2024-01-23T20:42:58.280Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-075/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2023-52337",
"datePublished": "2024-01-23T20:42:58.280Z",
"dateReserved": "2024-01-12T00:09:12.342Z",
"dateUpdated": "2024-08-02T22:55:41.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25252
Vulnerability from cvelistv5
Published
2021-03-03 15:43
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://success.trendmicro.com/solution/000285675 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro | Trend Micro Virus Scan API (VSAPI) Engine |
Version: 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:11.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000285675"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Virus Scan API (VSAPI) Engine\r\n",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro\u0027s Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Exhaustion",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-03T15:43:40",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000285675"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-25252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Virus Scan API (VSAPI) Engine\r\n",
"version": {
"version_data": [
{
"version_value": "12.0"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro\u0027s Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Exhaustion"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000285675",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000285675"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-25252",
"datePublished": "2021-03-03T15:43:40",
"dateReserved": "2021-01-15T00:00:00",
"dateUpdated": "2024-08-03T19:56:11.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-15626
Vulnerability from cvelistv5
Published
2019-10-17 19:09
Modified
2024-08-05 00:56
Severity ?
EPSS score ?
Summary
The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://success.trendmicro.com/solution/000149495 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro | Deep Security Manager |
Version: 10.0 Version: 11.0 Version: 12.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:22.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000149495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Deep Security Manager",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "10.0"
},
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Confidentiality Exposure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-17T19:09:30",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://success.trendmicro.com/solution/000149495"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2019-15626",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Deep Security Manager",
"version": {
"version_data": [
{
"version_value": "10.0"
},
{
"version_value": "11.0"
},
{
"version_value": "12.0"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Confidentiality Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000149495",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/000149495"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2019-15626",
"datePublished": "2019-10-17T19:09:30",
"dateReserved": "2019-08-26T00:00:00",
"dateUpdated": "2024-08-05T00:56:22.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-6218
Vulnerability from cvelistv5
Published
2018-02-16 22:00
Modified
2024-08-05 05:54
Severity ?
EPSS score ?
Summary
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/103096 | vdb-entry, x_refsource_BID | |
| https://jvn.jp/jp/JVN28865183/ | third-party-advisory, x_refsource_JVN | |
| https://success.trendmicro.com/solution/1119326 | x_refsource_CONFIRM | |
| https://success.trendmicro.com/jp/solution/1119348 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro | Trend Micro User-Mode Hooking (UMH) Module |
Version: NA |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:54:53.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103096",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103096"
},
{
"name": "JVN#28865183",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/1119326"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/jp/solution/1119348"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro User-Mode Hooking (UMH) Module",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
}
],
"datePublic": "2018-02-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Hijacking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-22T10:57:01",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"name": "103096",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103096"
},
{
"name": "JVN#28865183",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://success.trendmicro.com/solution/1119326"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/jp/solution/1119348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2018-6218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro User-Mode Hooking (UMH) Module",
"version": {
"version_data": [
{
"version_value": "NA"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Hijacking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103096",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103096"
},
{
"name": "JVN#28865183",
"refsource": "JVN",
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"name": "https://success.trendmicro.com/solution/1119326",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/1119326"
},
{
"name": "https://success.trendmicro.com/jp/solution/1119348",
"refsource": "MISC",
"url": "https://success.trendmicro.com/jp/solution/1119348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2018-6218",
"datePublished": "2018-02-16T22:00:00",
"dateReserved": "2018-01-25T00:00:00",
"dateUpdated": "2024-08-05T05:54:53.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-10-17 19:15
Modified
2024-11-21 04:29
Severity ?
Summary
The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@trendmicro.com | https://success.trendmicro.com/solution/000149495 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/solution/000149495 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trendmicro | deep_security | 10.0 | |
| trendmicro | deep_security | 11.0 | |
| trendmicro | deep_security | 12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7B6BD-BAF1-4E0D-9BFB-6A9BE7D3AC40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81D6DD3F-6DA9-4D25-A0AB-8A2670A6FE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD405A-E3EA-48F8-AC3D-E45A666920C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n Deep Security Manager (versiones 10.0, 11.0 y 12.0), cuando est\u00e1 configurada de cierta manera, puede transmitir la comunicaci\u00f3n LDAP inicial en texto sin cifrar. Esto puede tener un impacto en la confidencialidad, pero no afecta la integridad o la disponibilidad."
}
],
"id": "CVE-2019-15626",
"lastModified": "2024-11-21T04:29:09.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-17T19:15:10.623",
"references": [
{
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000149495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000149495"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-23 21:15
Modified
2024-11-21 08:39
Severity ?
Summary
An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@trendmicro.com | https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US | Vendor Advisory | |
| security@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-24-075/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-24-075/ | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:20.0:-:*:*:*:*:*:*",
"matchCriteriaId": "687BDC97-044F-4FE1-9A40-53603AFEA35E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1337:*:*:long_term_support:*:*:*",
"matchCriteriaId": "395BE207-3450-4DD8-A5B4-CA005A8A29E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1559:*:*:long_term_support:*:*:*",
"matchCriteriaId": "10692943-0205-42F3-8EBC-64499CC0A3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update158:*:*:long_term_support:*:*:*",
"matchCriteriaId": "4CD4971B-80E4-45E5-9895-34EA463D408C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update167:*:*:long_term_support:*:*:*",
"matchCriteriaId": "13310EBF-97B9-4266-9384-82550A55EBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1681:*:*:long_term_support:*:*:*",
"matchCriteriaId": "F3DDAC1A-C2E5-4FFB-8A69-80819D39CF5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update173:*:*:long_term_support:*:*:*",
"matchCriteriaId": "B5363299-C02D-4AB8-8C48-0A3AFF4F2D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update180:*:*:long_term_support:*:*:*",
"matchCriteriaId": "A2A56B00-44A5-451C-B8D0-19097E3A9C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update182:*:*:long_term_support:*:*:*",
"matchCriteriaId": "F1C90C28-9413-407B-BC1D-3F4037BDF235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1822:*:*:long_term_support:*:*:*",
"matchCriteriaId": "6201FA1A-1F94-46DF-A7EE-6F4DE2910131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update183:*:*:long_term_support:*:*:*",
"matchCriteriaId": "D2CD4BBE-7C1B-4FA8-98E5-D2DD2E2AAD26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1876:*:*:long_term_support:*:*:*",
"matchCriteriaId": "E667A20B-65ED-434F-8A5F-220C87B175EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update190:*:*:long_term_support:*:*:*",
"matchCriteriaId": "2F74BA58-9388-4715-9477-FC1005765FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update198:*:*:long_term_support:*:*:*",
"matchCriteriaId": "8665FF69-6034-4D5F-8E2D-8DB1E07C7BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2009:*:*:long_term_support:*:*:*",
"matchCriteriaId": "2CCE7E62-6CBE-476F-A9E5-52790F90E5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update208:*:*:long_term_support:*:*:*",
"matchCriteriaId": "3912DDD3-A3B0-487F-A74A-9A529D69FFFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update213:*:*:long_term_support:*:*:*",
"matchCriteriaId": "4D555FC6-8986-4891-90CC-DB4F24990167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2204:*:*:long_term_support:*:*:*",
"matchCriteriaId": "920B4F3B-2D78-4B71-8B65-8AEF6AF2C735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update223:*:*:long_term_support:*:*:*",
"matchCriteriaId": "E68C5D12-3E35-43D3-A5A0-2C029EFA0182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update224:*:*:long_term_support:*:*:*",
"matchCriteriaId": "0C49595B-D6E5-42CC-B634-5F14B868C341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2419:*:*:long_term_support:*:*:*",
"matchCriteriaId": "236653DA-EE2C-4923-A5C8-CC32305626FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2593:*:*:long_term_support:*:*:*",
"matchCriteriaId": "A61BF475-18D9-4246-91C7-7A1B6A7B44AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2740:*:*:long_term_support:*:*:*",
"matchCriteriaId": "DC90635A-4FEB-4F7A-B0BD-D4CCD1183A3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2921:*:*:long_term_support:*:*:*",
"matchCriteriaId": "6D12CADF-AAA4-4E0B-93EC-81C5C3BDCA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3165:*:*:long_term_support:*:*:*",
"matchCriteriaId": "9FD0C979-641F-482B-9D05-B3B9A5F6D443",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3288:*:*:long_term_support:*:*:*",
"matchCriteriaId": "F56F3E88-3E65-4C3E-932D-6C8404F5A1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3445:*:*:long_term_support:*:*:*",
"matchCriteriaId": "2FF0DE00-851E-4185-8C0C-172252E3E7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3530:*:*:long_term_support:*:*:*",
"matchCriteriaId": "57A322DB-9E37-4508-B904-51F0305D4B9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3771:*:*:long_term_support:*:*:*",
"matchCriteriaId": "9CEFF34B-1B17-416F-9068-9CE5DAC0F19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3964:*:*:long_term_support:*:*:*",
"matchCriteriaId": "87A77C12-0F5C-4EA7-96BA-8B14E2795E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4185:*:*:long_term_support:*:*:*",
"matchCriteriaId": "87821A85-93F2-422B-8876-CF3729D99594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4416:*:*:long_term_support:*:*:*",
"matchCriteriaId": "0C3E959C-D6D5-4DF0-A26E-95EBDCB8C901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4726:*:*:long_term_support:*:*:*",
"matchCriteriaId": "F2F3C583-2A09-4448-B384-273B48D2B4E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4959:*:*:long_term_support:*:*:*",
"matchCriteriaId": "445BA171-0190-429A-8D4F-F857CEA5361E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5137:*:*:long_term_support:*:*:*",
"matchCriteriaId": "95889F1E-931E-40E4-99A1-9C1A4A8B0847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5394:*:*:long_term_support:*:*:*",
"matchCriteriaId": "3E57A0B9-FD42-4BC2-8E77-473C231E8C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5512:*:*:long_term_support:*:*:*",
"matchCriteriaId": "9A36042B-CE11-400C-A3E9-675FA01DFD79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5810:*:*:long_term_support:*:*:*",
"matchCriteriaId": "73312B15-FF4F-4576-A6DC-90E7DDC16177",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5995:*:*:long_term_support:*:*:*",
"matchCriteriaId": "EC926B09-2153-408D-96D1-339BC6CA3E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6313:*:*:long_term_support:*:*:*",
"matchCriteriaId": "C8B125A6-071C-40BD-BEF8-3349D69B8FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6690:*:*:long_term_support:*:*:*",
"matchCriteriaId": "8798E437-2DF9-4128-95A4-D6E428BB68F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6860:*:*:long_term_support:*:*:*",
"matchCriteriaId": "530A146D-8ACA-4EC3-A431-E732CDCBEF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7119:*:*:long_term_support:*:*:*",
"matchCriteriaId": "45F6F599-6DFD-4FAC-A3BC-DA04337FBF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7303:*:*:long_term_support:*:*:*",
"matchCriteriaId": "AF3BF95D-BE53-48CF-AC59-7E53B3245E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7476:*:*:long_term_support:*:*:*",
"matchCriteriaId": "CA991E32-E28D-4310-8578-DD92033AEEB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7719:*:*:long_term_support:*:*:*",
"matchCriteriaId": "41CFF915-1DD8-4C9F-8B43-04BCDA0C5068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7943:*:*:long_term_support:*:*:*",
"matchCriteriaId": "C88FD401-BDA4-4080-B56D-D9A980236A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8137:*:*:long_term_support:*:*:*",
"matchCriteriaId": "56A61850-1C9F-420B-88CF-D2D92BF1709E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8268:*:*:long_term_support:*:*:*",
"matchCriteriaId": "6CEB092E-8D28-478E-BEA9-D489EC63D689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update877:*:*:long_term_support:*:*:*",
"matchCriteriaId": "BF1E7ABB-DEF9-4CBD-B269-3091DC1CF2A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado en Trend Micro Deep Security 20.0 y Trend Micro Cloud One - Endpoint and Workload Security Agent podr\u00eda permitir a un atacante local escalar privilegios en las instalaciones afectadas. Tenga en cuenta: un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad."
}
],
"id": "CVE-2023-52337",
"lastModified": "2024-11-21T08:39:35.070",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-23T21:15:09.677",
"references": [
{
"source": "security@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US"
},
{
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-075/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-075/"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-16 22:29
Modified
2024-11-21 04:10
Severity ?
Summary
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@trendmicro.com | http://www.securityfocus.com/bid/103096 | Third Party Advisory, VDB Entry | |
| security@trendmicro.com | https://jvn.jp/jp/JVN28865183/ | Third Party Advisory | |
| security@trendmicro.com | https://success.trendmicro.com/jp/solution/1119348 | Vendor Advisory | |
| security@trendmicro.com | https://success.trendmicro.com/solution/1119326 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103096 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/jp/JVN28865183/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/jp/solution/1119348 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/solution/1119326 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trendmicro | deep_security | 10.0 | |
| trendmicro | deep_security | 10.1 | |
| trendmicro | endpoint_sensor | 1.6 | |
| trendmicro | officescan | 11.0 | |
| trendmicro | officescan | 12.0 | |
| trendmicro | security | 12.0 | |
| trendmicro | worry-free_business_security | 9.5 | |
| trendmicro | worry-free_business_security | 9.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7B6BD-BAF1-4E0D-9BFB-6A9BE7D3AC40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29DDA171-30DC-4673-BE55-4A0DCBB3A504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:endpoint_sensor:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8769B6-2E3A-41E1-B48F-68B740E6CC47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:officescan:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB164BF-12B5-450F-9DDB-9A3FBD544F7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:officescan:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A78EAEA-1C69-4EAA-A994-C12DD477A49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:security:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3973C0-6707-431C-AADD-B6D9DD21A980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:worry-free_business_security:9.5:*:*:*:advanced:*:*:*",
"matchCriteriaId": "83B0011C-35D2-45E3-8ADE-B840CCC23437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:worry-free_business_security:9.5:*:*:*:standard:*:*:*",
"matchCriteriaId": "E14789E2-CD81-421C-88CE-C17C0E9D5326",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A DLL Hijacking vulnerability in Trend Micro\u0027s User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system."
},
{
"lang": "es",
"value": "Una vulnerabilidad de secuestro de DLL en Trend Micro\u0027s User-Mode Hooking Module (UMH) podr\u00eda permitir que un atacante ejecute c\u00f3digo arbitrario en un sistema vulnerable."
}
],
"id": "CVE-2018-6218",
"lastModified": "2024-11-21T04:10:19.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-16T22:29:00.413",
"references": [
{
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103096"
},
{
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"source": "security@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/jp/solution/1119348"
},
{
"source": "security@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/1119326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/jp/JVN28865183/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/jp/solution/1119348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/1119326"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-23 21:15
Modified
2024-11-21 08:39
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@trendmicro.com | https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US | Vendor Advisory | |
| security@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-24-076/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-24-076/ | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:20.0:-:*:*:*:*:*:*",
"matchCriteriaId": "687BDC97-044F-4FE1-9A40-53603AFEA35E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1337:*:*:long_term_support:*:*:*",
"matchCriteriaId": "395BE207-3450-4DD8-A5B4-CA005A8A29E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1559:*:*:long_term_support:*:*:*",
"matchCriteriaId": "10692943-0205-42F3-8EBC-64499CC0A3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update158:*:*:long_term_support:*:*:*",
"matchCriteriaId": "4CD4971B-80E4-45E5-9895-34EA463D408C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update167:*:*:long_term_support:*:*:*",
"matchCriteriaId": "13310EBF-97B9-4266-9384-82550A55EBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1681:*:*:long_term_support:*:*:*",
"matchCriteriaId": "F3DDAC1A-C2E5-4FFB-8A69-80819D39CF5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update173:*:*:long_term_support:*:*:*",
"matchCriteriaId": "B5363299-C02D-4AB8-8C48-0A3AFF4F2D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update180:*:*:long_term_support:*:*:*",
"matchCriteriaId": "A2A56B00-44A5-451C-B8D0-19097E3A9C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update182:*:*:long_term_support:*:*:*",
"matchCriteriaId": "F1C90C28-9413-407B-BC1D-3F4037BDF235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1822:*:*:long_term_support:*:*:*",
"matchCriteriaId": "6201FA1A-1F94-46DF-A7EE-6F4DE2910131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update183:*:*:long_term_support:*:*:*",
"matchCriteriaId": "D2CD4BBE-7C1B-4FA8-98E5-D2DD2E2AAD26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1876:*:*:long_term_support:*:*:*",
"matchCriteriaId": "E667A20B-65ED-434F-8A5F-220C87B175EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update190:*:*:long_term_support:*:*:*",
"matchCriteriaId": "2F74BA58-9388-4715-9477-FC1005765FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update198:*:*:long_term_support:*:*:*",
"matchCriteriaId": "8665FF69-6034-4D5F-8E2D-8DB1E07C7BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2009:*:*:long_term_support:*:*:*",
"matchCriteriaId": "2CCE7E62-6CBE-476F-A9E5-52790F90E5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update208:*:*:long_term_support:*:*:*",
"matchCriteriaId": "3912DDD3-A3B0-487F-A74A-9A529D69FFFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update213:*:*:long_term_support:*:*:*",
"matchCriteriaId": "4D555FC6-8986-4891-90CC-DB4F24990167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2204:*:*:long_term_support:*:*:*",
"matchCriteriaId": "920B4F3B-2D78-4B71-8B65-8AEF6AF2C735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update223:*:*:long_term_support:*:*:*",
"matchCriteriaId": "E68C5D12-3E35-43D3-A5A0-2C029EFA0182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update224:*:*:long_term_support:*:*:*",
"matchCriteriaId": "0C49595B-D6E5-42CC-B634-5F14B868C341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2419:*:*:long_term_support:*:*:*",
"matchCriteriaId": "236653DA-EE2C-4923-A5C8-CC32305626FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2593:*:*:long_term_support:*:*:*",
"matchCriteriaId": "A61BF475-18D9-4246-91C7-7A1B6A7B44AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2740:*:*:long_term_support:*:*:*",
"matchCriteriaId": "DC90635A-4FEB-4F7A-B0BD-D4CCD1183A3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2921:*:*:long_term_support:*:*:*",
"matchCriteriaId": "6D12CADF-AAA4-4E0B-93EC-81C5C3BDCA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3165:*:*:long_term_support:*:*:*",
"matchCriteriaId": "9FD0C979-641F-482B-9D05-B3B9A5F6D443",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3288:*:*:long_term_support:*:*:*",
"matchCriteriaId": "F56F3E88-3E65-4C3E-932D-6C8404F5A1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3445:*:*:long_term_support:*:*:*",
"matchCriteriaId": "2FF0DE00-851E-4185-8C0C-172252E3E7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3530:*:*:long_term_support:*:*:*",
"matchCriteriaId": "57A322DB-9E37-4508-B904-51F0305D4B9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3771:*:*:long_term_support:*:*:*",
"matchCriteriaId": "9CEFF34B-1B17-416F-9068-9CE5DAC0F19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3964:*:*:long_term_support:*:*:*",
"matchCriteriaId": "87A77C12-0F5C-4EA7-96BA-8B14E2795E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4185:*:*:long_term_support:*:*:*",
"matchCriteriaId": "87821A85-93F2-422B-8876-CF3729D99594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4416:*:*:long_term_support:*:*:*",
"matchCriteriaId": "0C3E959C-D6D5-4DF0-A26E-95EBDCB8C901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4726:*:*:long_term_support:*:*:*",
"matchCriteriaId": "F2F3C583-2A09-4448-B384-273B48D2B4E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4959:*:*:long_term_support:*:*:*",
"matchCriteriaId": "445BA171-0190-429A-8D4F-F857CEA5361E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5137:*:*:long_term_support:*:*:*",
"matchCriteriaId": "95889F1E-931E-40E4-99A1-9C1A4A8B0847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5394:*:*:long_term_support:*:*:*",
"matchCriteriaId": "3E57A0B9-FD42-4BC2-8E77-473C231E8C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5512:*:*:long_term_support:*:*:*",
"matchCriteriaId": "9A36042B-CE11-400C-A3E9-675FA01DFD79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5810:*:*:long_term_support:*:*:*",
"matchCriteriaId": "73312B15-FF4F-4576-A6DC-90E7DDC16177",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5995:*:*:long_term_support:*:*:*",
"matchCriteriaId": "EC926B09-2153-408D-96D1-339BC6CA3E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6313:*:*:long_term_support:*:*:*",
"matchCriteriaId": "C8B125A6-071C-40BD-BEF8-3349D69B8FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6690:*:*:long_term_support:*:*:*",
"matchCriteriaId": "8798E437-2DF9-4128-95A4-D6E428BB68F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6860:*:*:long_term_support:*:*:*",
"matchCriteriaId": "530A146D-8ACA-4EC3-A431-E732CDCBEF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7119:*:*:long_term_support:*:*:*",
"matchCriteriaId": "45F6F599-6DFD-4FAC-A3BC-DA04337FBF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7303:*:*:long_term_support:*:*:*",
"matchCriteriaId": "AF3BF95D-BE53-48CF-AC59-7E53B3245E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7476:*:*:long_term_support:*:*:*",
"matchCriteriaId": "CA991E32-E28D-4310-8578-DD92033AEEB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7719:*:*:long_term_support:*:*:*",
"matchCriteriaId": "41CFF915-1DD8-4C9F-8B43-04BCDA0C5068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7943:*:*:long_term_support:*:*:*",
"matchCriteriaId": "C88FD401-BDA4-4080-B56D-D9A980236A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8137:*:*:long_term_support:*:*:*",
"matchCriteriaId": "56A61850-1C9F-420B-88CF-D2D92BF1709E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8268:*:*:long_term_support:*:*:*",
"matchCriteriaId": "6CEB092E-8D28-478E-BEA9-D489EC63D689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update877:*:*:long_term_support:*:*:*",
"matchCriteriaId": "BF1E7ABB-DEF9-4CBD-B269-3091DC1CF2A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad de link following en Trend Micro Deep Security 20.0 y Trend Micro Cloud One - Endpoint and Workload Security Agent podr\u00eda permitir a un atacante local escalar privilegios en las instalaciones afectadas. Tenga en cuenta: un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad."
}
],
"id": "CVE-2023-52338",
"lastModified": "2024-11-21T08:39:35.220",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-01-23T21:15:09.717",
"references": [
{
"source": "security@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US"
},
{
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-076/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-076/"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-03 16:15
Modified
2024-11-21 05:54
Severity ?
Summary
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@trendmicro.com | https://success.trendmicro.com/solution/000285675 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/solution/000285675 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "F1A4CE49-201A-4A47-A760-6463C454A6AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "219071B9-2D31-4E7F-A0AD-769FE0243B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:cloud_edge:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E326AF6-B46B-40BE-8CDF-0F94A99FAED6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:apex_one:-:-:*:*:*:*:*:*",
"matchCriteriaId": "E31C9ADB-D6BB-4C69-A6D6-DFFD2D2140D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "6B7E15DA-AE75-4CD7-AA71-A560A78D968C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "8241E0BC-5DA9-4C60-B844-56FC23E47152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3E49F38B-B210-49CB-9F76-B65CAB36BC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:20.0:-:*:*:long_term_support:*:*:*",
"matchCriteriaId": "398B0CDB-03CB-434C-9650-24340C093C86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:control_manager:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "165D2436-C6A3-47A9-9FE3-51628BF6C414",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_discovery_analyzer:5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "A31C0DF7-D04B-4BF6-8A9C-FD9AB7E68B0A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_discovery_email_inspector:2.5:-:*:*:*:*:*:*",
"matchCriteriaId": "B664C78E-D12E-4405-A35F-54BD90437AD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:3.8:-:*:*:*:*:*:*",
"matchCriteriaId": "B6D67DBF-FA30-44B7-9404-9C17EA72295B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:interscan_messaging_security_virtual_appliance:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "0429A7DF-3CB4-44BB-A26A-54DB9EE25ABD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:interscan_web_security_virtual_appliance:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "DFF71E3A-0C66-4FCC-AEEE-3CCFBDCF3ADD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:officescan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3448C332-00D7-41B3-BD1A-9D665CED4F6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:portal_protect:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3649712F-7311-453F-BC0B-6608F4750086",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:scanmail:14.0:*:*:*:*:microsoft_exchange:*:*",
"matchCriteriaId": "37BCA3F5-0BC9-4287-A97F-F5E20465EF0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:scanmail_for_ibm_domino:5.8:-:*:*:*:*:*:*",
"matchCriteriaId": "E45ABCCA-69AD-45B6-833C-06380C83702E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:serverprotect_for_storage:6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3C44B160-E042-465C-9442-296202E9B750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:serverprotect:5.8:-:*:*:*:*:*:*",
"matchCriteriaId": "889BBE0A-A33B-4CF8-8801-DC1202621FAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:emc:celerra_network_attached_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FABC70E5-DC68-4538-B7AA-30385E54FC45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:novell:netware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61BD8560-99BE-46E5-8366-7CD9CD3427E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:serverprotect_for_network_appliance_filers:5.8:-:*:*:*:*:*:*",
"matchCriteriaId": "60880631-D7EC-4F88-8C4C-9217861D2047",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:cluster_data_ontap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D877693-7976-44ED-AE10-EADF8C98ACB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:safe_lock:1.1:-:*:*:txone:*:*:*",
"matchCriteriaId": "E82A9956-C47F-4AC2-BFAE-A12C496502A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:worry-free_business_security:10.1:-:*:*:*:*:*:*",
"matchCriteriaId": "ED502EB1-F3E9-46B6-BE08-6FCCE0AE1E12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro\u0027s Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file."
},
{
"lang": "es",
"value": "La API Virus Scan (VSAPI) y el Advanced Threat Scan Engine (ATSE) de Trend Micro, son susceptibles a una vulnerabilidad de agotamiento de la memoria que puede conllevar a una denegaci\u00f3n de servicio o a un congelamiento del sistema si es explotada por un atacante usando un archivo especialmente dise\u00f1ado"
}
],
"id": "CVE-2021-25252",
"lastModified": "2024-11-21T05:54:38.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-03T16:15:13.087",
"references": [
{
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000285675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000285675"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-17 19:15
Modified
2024-11-21 04:29
Severity ?
Summary
Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trendmicro | deep_security | 10.0 | |
| trendmicro | deep_security | 11.0 | |
| trendmicro | deep_security | 12.0 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7B6BD-BAF1-4E0D-9BFB-6A9BE7D3AC40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81D6DD3F-6DA9-4D25-A0AB-8A2670A6FE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD405A-E3EA-48F8-AC3D-E45A666920C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected."
},
{
"lang": "es",
"value": "Las versiones 10.0, 11.0 y 12.0 del Trend Micro Deep Security Agent son vulnerables a un ataque de eliminaci\u00f3n de archivos arbitrarios, lo que puede tener un impacto en la disponibilidad. Es requerido un acceso local al sistema operativo. Por favor tome en cuenta que solo los agentes de Windows est\u00e1n afectados."
}
],
"id": "CVE-2019-15627",
"lastModified": "2024-11-21T04:29:09.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-17T19:15:10.670",
"references": [
{
"source": "security@trendmicro.com",
"url": "http://packetstormsecurity.com/files/155579/Trend-Micro-Deep-Security-Agent-11-Arbitrary-File-Overwrite.html"
},
{
"source": "security@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000149495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/155579/Trend-Micro-Deep-Security-Agent-11-Arbitrary-File-Overwrite.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000149495"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-05 14:15
Modified
2024-11-21 05:39
Severity ?
Summary
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@trendmicro.com | https://jvn.jp/en/vu/JVNVU99160193/index.html | Third Party Advisory | |
| security@trendmicro.com | https://jvn.jp/vu/JVNVU99160193/ | Third Party Advisory | |
| security@trendmicro.com | https://success.trendmicro.com/jp/solution/000260748 | Vendor Advisory | |
| security@trendmicro.com | https://success.trendmicro.com/solution/000260713 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/vu/JVNVU99160193/index.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/vu/JVNVU99160193/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/jp/solution/000260748 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/solution/000260713 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trendmicro | antivirus_toolkit | * | |
| trendmicro | apex_one | 2019 | |
| trendmicro | apex_one | saas | |
| trendmicro | deep_security | 9.6 | |
| trendmicro | deep_security | 10.0 | |
| trendmicro | deep_security | 11.0 | |
| trendmicro | deep_security | 12.0 | |
| trendmicro | officescan | xg | |
| trendmicro | officescan_business_security | 9.0 | |
| trendmicro | officescan_business_security | 9.5 | |
| trendmicro | officescan_business_security | 10.0 | |
| trendmicro | officescan_business_security_service | - | |
| trendmicro | officescan_cloud | 15 | |
| trendmicro | officescan_cloud | 16.0 | |
| trendmicro | online_scan | 8.0 | |
| trendmicro | portable_security | 2.0 | |
| trendmicro | portable_security | 3.0 | |
| trendmicro | rootkit_buster | 2.2 | |
| trendmicro | safe_lock | - | |
| trendmicro | safe_lock | 2.0 | |
| trendmicro | serverprotect | 5.8 | |
| trendmicro | serverprotect | 5.8 | |
| trendmicro | serverprotect | 5.8 | |
| trendmicro | serverprotect | 6.0 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:antivirus_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5225790C-66F3-438C-82A9-0567EA2D3EAE",
"versionEndExcluding": "1.62.1240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "AF019D2D-C426-4D2D-A254-442CE777B41E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_one:saas:*:*:*:*:*:*:*",
"matchCriteriaId": "0BD39638-1D52-4FA8-BBA0-305795D7D2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A741097B-4B1F-4541-8E81-ABAAB16F4CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7B6BD-BAF1-4E0D-9BFB-6A9BE7D3AC40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81D6DD3F-6DA9-4D25-A0AB-8A2670A6FE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD405A-E3EA-48F8-AC3D-E45A666920C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:officescan:xg:sp1:*:*:*:*:*:*",
"matchCriteriaId": "64600B42-4884-41F2-A683-AE1EDB79372E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:officescan_business_security:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B20A7619-A7A7-4048-BF27-5B2613DCF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:officescan_business_security:9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "14329F60-1C5D-4A4C-BBCA-BD42FFB4FB73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:officescan_business_security:10.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "762313F8-2BA6-4ED7-A977-56C962D5B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:officescan_business_security_service:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3FC1CA-FFB4-4838-9BCE-BB5CAC28505F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:officescan_cloud:15:*:*:*:*:*:*:*",
"matchCriteriaId": "7D4FDFB7-9F82-47F2-B265-916BFCE0A0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:officescan_cloud:16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C23A004A-B597-402D-BFA8-9EB11580B13F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:online_scan:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "388766C0-6983-453A-A1C2-8266127337C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:portable_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D33BDD31-422F-4DB0-B2DC-789611260C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:portable_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "079E3712-9365-44F8-804B-2ADBD89C1D5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:rootkit_buster:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AA0F265-BD68-41F7-99DD-8832EE7E295B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:safe_lock:-:*:*:*:txone:*:*:*",
"matchCriteriaId": "8549A2AA-5BDE-4B27-9861-9426769FAB0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:safe_lock:2.0:sp1:*:*:-:*:*:*",
"matchCriteriaId": "9B28CE37-C436-4440-B43F-905482D91AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:serverprotect:5.8:*:*:*:*:emc:*:*",
"matchCriteriaId": "0BD9FEA3-46A4-4CEF-97B5-27BC2120B082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:serverprotect:5.8:*:*:*:*:netware:*:*",
"matchCriteriaId": "82D38D59-9208-4101-89D8-367E53DA29D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:serverprotect:5.8:*:*:*:*:windows:*:*",
"matchCriteriaId": "7293D7E6-196E-4C9F-B107-77FB2E770A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:serverprotect:6.0:*:*:*:*:storage:*:*",
"matchCriteriaId": "46FD65C7-6DED-47CA-988D-089E95D2F7B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad de comprobaci\u00f3n de entrada que se encuentra en varios productos de Trend Micro que usan una versi\u00f3n particular de un controlador de protecci\u00f3n de rootkit espec\u00edfico, podr\u00eda permitir a un atacante en modo usuario con permisos de administrador abusar del controlador para modificar una direcci\u00f3n del kernel que puede causar un bloqueo del sistema o potencialmente conllevar a una ejecuci\u00f3n de c\u00f3digo en modo kernel. Un atacante ya debe haber obtenido acceso de administrador en la m\u00e1quina de destino (leg\u00edtimamente o mediante un ataque no relacionado separado) para explotar esta vulnerabilidad"
}
],
"id": "CVE-2020-8607",
"lastModified": "2024-11-21T05:39:07.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-05T14:15:13.530",
"references": [
{
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/vu/JVNVU99160193/index.html"
},
{
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/vu/JVNVU99160193/"
},
{
"source": "security@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/jp/solution/000260748"
},
{
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000260713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/vu/JVNVU99160193/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/vu/JVNVU99160193/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/jp/solution/000260748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000260713"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}