cvelistv5 - cve-2024-55955

CVE-2024-55955 (GCVE-0-2024-55955)

Vulnerability from cvelistv5 – Published: 2024-12-31 16:19 – Updated: 2025-03-05 04:55

Summary

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Severity ?

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-427 - Uncontrolled Search Path Element

Assigner

trendmicro

References

URL

Tags

https://success.trendmicro.com/en-US/solution/KA-…

Impacted products

	Vendor	Product	Version
	Trend Micro, Inc.	Trend Micro Deep Security	Affected: 20 , < 20.0.1-23340 (semver) cpe:2.3:a:trendmicro:deep_security_agent:20.0:update10940:::long_term_support:::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-55955",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-04T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-05T04:55:27.005Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update10940:*:*:long_term_support:*:*:*"
          ],
          "product": "Trend Micro Deep Security",
          "vendor": "Trend Micro, Inc.",
          "versions": [
            {
              "lessThan": "20.0.1-23340",
              "status": "affected",
              "version": "20",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "CWE-427: Uncontrolled Search Path Element",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-31T16:19:35.471Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "url": "https://success.trendmicro.com/en-US/solution/KA-0018571"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2024-55955",
    "datePublished": "2024-12-31T16:19:35.471Z",
    "dateReserved": "2024-12-13T18:38:39.678Z",
    "dateUpdated": "2025-03-05T04:55:27.005Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations.\\r\\n\\r\\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de asignaci\\u00f3n incorrecta de permisos en los agentes de Trend Micro Deep Security 20.0 entre las versiones 20.0.1-9400 y 20.0.1-23340 podr\\u00eda permitir que un atacante local aumente los privilegios en las instalaciones afectadas. Tenga en cuenta que, para explotar esta vulnerabilidad, un atacante primero debe obtener la capacidad de ejecutar c\\u00f3digo con pocos privilegios en el sistema de destino.\\n\"}]",
      "id": "CVE-2024-55955",
      "lastModified": "2024-12-31T17:15:09.270",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@trendmicro.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 5.9}]}",
      "published": "2024-12-31T17:15:09.270",
      "references": "[{\"url\": \"https://success.trendmicro.com/en-US/solution/KA-0018571\", \"source\": \"security@trendmicro.com\"}]",
      "sourceIdentifier": "security@trendmicro.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"security@trendmicro.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-427\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-55955\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2024-12-31T17:15:09.270\",\"lastModified\":\"2025-09-09T14:45:36.713\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations.\\r\\n\\r\\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de asignaci\u00f3n incorrecta de permisos en los agentes de Trend Micro Deep Security 20.0 entre las versiones 20.0.1-9400 y 20.0.1-23340 podr\u00eda permitir que un atacante local aumente los privilegios en las instalaciones afectadas. Tenga en cuenta que, para explotar esta vulnerabilidad, un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino.\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@trendmicro.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@trendmicro.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update12510:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"C05839B1-B2FE-4AAA-9E62-DC913FA703ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update14610:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"D807E63A-41D5-4D70-8754-D7BA24A3872F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update17380:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"D4C9B954-64D3-4C1C-8CAF-B12A3D25C842\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update19250:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"62C967EC-7A1D-4AD1-B09F-B99B3A7D11CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update21510:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"8B17AA4C-739B-41B3-BD59-447291FE6C19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update9400:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"2CE53A47-01E2-4BB5-9411-80FE4C137F77\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://success.trendmicro.com/en-US/solution/KA-0018571\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-55955\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-31T17:24:12.472525Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-31T17:24:15.438Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:trendmicro:deep_security_agent:20.0:update10940:*:*:long_term_support:*:*:*\"], \"vendor\": \"Trend Micro, Inc.\", \"product\": \"Trend Micro Deep Security\", \"versions\": [{\"status\": \"affected\", \"version\": \"20\", \"lessThan\": \"20.0.1-23340\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://success.trendmicro.com/en-US/solution/KA-0018571\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations.\\r\\n\\r\\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-427\", \"description\": \"CWE-427: Uncontrolled Search Path Element\"}]}], \"providerMetadata\": {\"orgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"shortName\": \"trendmicro\", \"dateUpdated\": \"2024-12-31T16:19:35.471Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-55955\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-05T04:55:27.005Z\", \"dateReserved\": \"2024-12-13T18:38:39.678Z\", \"assignerOrgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"datePublished\": \"2024-12-31T16:19:35.471Z\", \"assignerShortName\": \"trendmicro\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

WID-SEC-W-2024-3734

Vulnerability from csaf_certbund - Published: 2024-12-18 23:00 - Updated: 2024-12-18 23:00

Summary

Trend Micro Deep Security Agent: Schwachstelle ermöglicht Privilegieneskalation

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Trend Micro Deep Security Agent dient der Umsetzung von Sicherheitsrichtlinien.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in Trend Micro Deep Security Agent ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Trend Micro Deep Security Agent dient der Umsetzung von Sicherheitsrichtlinien.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in Trend Micro Deep Security Agent ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3734 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3734.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3734 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3734"
      },
      {
        "category": "external",
        "summary": "Trend Micro Security Bulletin vom 2024-12-19",
        "url": "https://success.trendmicro.com/en-US/solution/KA-0018571"
      }
    ],
    "source_lang": "en-US",
    "title": "Trend Micro Deep Security Agent: Schwachstelle erm\u00f6glicht Privilegieneskalation",
    "tracking": {
      "current_release_date": "2024-12-18T23:00:00.000+00:00",
      "generator": {
        "date": "2024-12-19T13:12:21.769+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-3734",
      "initial_release_date": "2024-12-18T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-12-18T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c20.0.1-23340",
                "product": {
                  "name": "Trend Micro Deep Security Agent \u003c20.0.1-23340",
                  "product_id": "T039945"
                }
              },
              {
                "category": "product_version",
                "name": "20.0.1-23340",
                "product": {
                  "name": "Trend Micro Deep Security Agent 20.0.1-23340",
                  "product_id": "T039945-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:trendmicro:deep_security_agent:20.0.1-23340"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Deep Security Agent"
          }
        ],
        "category": "vendor",
        "name": "Trend Micro"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-55955",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Trend Micro Deep Security Agent. Ursache sind falsch vergebene Berechtigungen Ein lokaler Angreifer kann dies f\u00fcr eine Privilegieneskalation ausnutzen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039945"
        ]
      },
      "release_date": "2024-12-18T23:00:00.000+00:00",
      "title": "CVE-2024-55955"
    }
  ]
}

JVNDB-2024-015471

Vulnerability from jvndb - Published: 2024-12-25 11:28 - Updated:2024-12-25 11:28

Summary

Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element

Details

Trend Micro Incorporated has released the security updates for Deep Security 20.0 Agent (for Windows) that contains a fix for an uncontrolled search path element vulnerability (CWE-427, CVE-2024-55955). Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

References

Type

URL

	JVN	https://jvn.jp/en/vu/JVNVU92980681/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-55955
	Uncontrolled Search Path Element(CWE-427)	https://cwe.mitre.org/data/definitions/427.html

Impacted products

Vendor

Product

Trend Micro, Inc.

Deep Security Agent

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-015471.html",
  "dc:date": "2024-12-25T11:28+09:00",
  "dcterms:issued": "2024-12-25T11:28+09:00",
  "dcterms:modified": "2024-12-25T11:28+09:00",
  "description": "Trend Micro Incorporated has released the security updates for Deep Security 20.0 Agent (for Windows) that contains a fix for an uncontrolled search path element vulnerability (CWE-427, CVE-2024-55955).\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-015471.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:deep_security_agent",
    "@product": "Deep Security Agent",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:identifier": "JVNDB-2024-015471",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU92980681/index.html",
      "@id": "JVNVU#92980681",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-55955",
      "@id": "CVE-2024-55955",
      "@source": "CVE"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/427.html",
      "@id": "CWE-427",
      "@title": "Uncontrolled Search Path Element(CWE-427)"
    }
  ],
  "title": "Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element"
}

FKIE_CVE-2024-55955

Vulnerability from fkie_nvd - Published: 2024-12-31 17:15 - Updated: 2025-09-09 14:45

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security@trendmicro.com	https://success.trendmicro.com/en-US/solution/KA-0018571	Vendor Advisory

Impacted products

Vendor	Product	Version
trendmicro	deep_security_agent	20.0.1
trendmicro	deep_security_agent	20.0.1
trendmicro	deep_security_agent	20.0.1
trendmicro	deep_security_agent	20.0.1
trendmicro	deep_security_agent	20.0.1
trendmicro	deep_security_agent	20.0.1
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update12510:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C05839B1-B2FE-4AAA-9E62-DC913FA703ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update14610:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "D807E63A-41D5-4D70-8754-D7BA24A3872F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update17380:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "D4C9B954-64D3-4C1C-8CAF-B12A3D25C842",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update19250:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "62C967EC-7A1D-4AD1-B09F-B99B3A7D11CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update21510:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "8B17AA4C-739B-41B3-BD59-447291FE6C19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update9400:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2CE53A47-01E2-4BB5-9411-80FE4C137F77",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de asignaci\u00f3n incorrecta de permisos en los agentes de Trend Micro Deep Security 20.0 entre las versiones 20.0.1-9400 y 20.0.1-23340 podr\u00eda permitir que un atacante local aumente los privilegios en las instalaciones afectadas. Tenga en cuenta que, para explotar esta vulnerabilidad, un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino.\n"
    }
  ],
  "id": "CVE-2024-55955",
  "lastModified": "2025-09-09T14:45:36.713",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "security@trendmicro.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-12-31T17:15:09.270",
  "references": [
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/en-US/solution/KA-0018571"
    }
  ],
  "sourceIdentifier": "security@trendmicro.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "security@trendmicro.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-Q3W2-J3FW-VMVP

Vulnerability from github – Published: 2024-12-31 18:30 – Updated: 2024-12-31 18:30

Details

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Severity ?

6.7 (Medium)


                  
                    CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-55955"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-427",
      "CWE-732"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-31T17:15:09Z",
    "severity": "MODERATE"
  },
  "details": "An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
  "id": "GHSA-q3w2-j3fw-vmvp",
  "modified": "2024-12-31T18:30:51Z",
  "published": "2024-12-31T18:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55955"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0018571"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2024-AVI-1097

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Trend Micro Deep Security Agent. Elle permet à un attaquant de provoquer une élévation de privilèges.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Trend Micro	Deep Security Agent	Deep Security Agent versions 20.0.x antérieures à 20.0.1-23340 pour Windows

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro KA-0018571

2024-12-19

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Deep Security Agent versions 20.0.x ant\u00e9rieures \u00e0 20.0.1-23340 pour Windows",
      "product": {
        "name": "Deep Security Agent",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-55955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-55955"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-1097",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-12-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Trend Micro Deep Security Agent. Elle permet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges.",
  "title": "Vuln\u00e9rabilit\u00e9 dans Trend Micro Deep Security Agent",
  "vendor_advisories": [
    {
      "published_at": "2024-12-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0018571",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0018571"
    }
  ]
}

CERTFR-2024-AVI-1097

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Trend Micro Deep Security Agent. Elle permet à un attaquant de provoquer une élévation de privilèges.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Trend Micro	Deep Security Agent	Deep Security Agent versions 20.0.x antérieures à 20.0.1-23340 pour Windows

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro KA-0018571

2024-12-19

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Deep Security Agent versions 20.0.x ant\u00e9rieures \u00e0 20.0.1-23340 pour Windows",
      "product": {
        "name": "Deep Security Agent",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-55955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-55955"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-1097",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-12-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Trend Micro Deep Security Agent. Elle permet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges.",
  "title": "Vuln\u00e9rabilit\u00e9 dans Trend Micro Deep Security Agent",
  "vendor_advisories": [
    {
      "published_at": "2024-12-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0018571",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0018571"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-55955 (GCVE-0-2024-55955)

WID-SEC-W-2024-3734

JVNDB-2024-015471

FKIE_CVE-2024-55955

GHSA-Q3W2-J3FW-VMVP

CERTFR-2024-AVI-1097

Solutions

CERTFR-2024-AVI-1097

Solutions

Tags

Sightings

Nomenclature