jvndb - jvndb-2024-015471

JVNDB-2024-015471

Vulnerability from jvndb - Published: 2024-12-25 11:28 - Updated:2024-12-25 11:28

Summary

Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element

Details

Trend Micro Incorporated has released the security updates for Deep Security 20.0 Agent (for Windows) that contains a fix for an uncontrolled search path element vulnerability (CWE-427, CVE-2024-55955). Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

References

Type

URL

	JVN	https://jvn.jp/en/vu/JVNVU92980681/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-55955
	Uncontrolled Search Path Element(CWE-427)	https://cwe.mitre.org/data/definitions/427.html

Impacted products

Vendor

Product

Trend Micro, Inc.

Deep Security Agent

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-015471.html",
  "dc:date": "2024-12-25T11:28+09:00",
  "dcterms:issued": "2024-12-25T11:28+09:00",
  "dcterms:modified": "2024-12-25T11:28+09:00",
  "description": "Trend Micro Incorporated has released the security updates for Deep Security 20.0 Agent (for Windows) that contains a fix for an uncontrolled search path element vulnerability (CWE-427, CVE-2024-55955).\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-015471.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:deep_security_agent",
    "@product": "Deep Security Agent",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:identifier": "JVNDB-2024-015471",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU92980681/index.html",
      "@id": "JVNVU#92980681",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-55955",
      "@id": "CVE-2024-55955",
      "@source": "CVE"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/427.html",
      "@id": "CWE-427",
      "@title": "Uncontrolled Search Path Element(CWE-427)"
    }
  ],
  "title": "Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element"
}

CVE-2024-55955 (GCVE-0-2024-55955)

Vulnerability from cvelistv5 – Published: 2024-12-31 16:19 – Updated: 2025-03-05 04:55

Summary

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Severity ?

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-427 - Uncontrolled Search Path Element

Assigner

trendmicro

References

URL

Tags

https://success.trendmicro.com/en-US/solution/KA-…

Impacted products

	Vendor	Product	Version
	Trend Micro, Inc.	Trend Micro Deep Security	Affected: 20 , < 20.0.1-23340 (semver) cpe:2.3:a:trendmicro:deep_security_agent:20.0:update10940:::long_term_support:::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-55955",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-04T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-05T04:55:27.005Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update10940:*:*:long_term_support:*:*:*"
          ],
          "product": "Trend Micro Deep Security",
          "vendor": "Trend Micro, Inc.",
          "versions": [
            {
              "lessThan": "20.0.1-23340",
              "status": "affected",
              "version": "20",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "CWE-427: Uncontrolled Search Path Element",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-31T16:19:35.471Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "url": "https://success.trendmicro.com/en-US/solution/KA-0018571"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2024-55955",
    "datePublished": "2024-12-31T16:19:35.471Z",
    "dateReserved": "2024-12-13T18:38:39.678Z",
    "dateUpdated": "2025-03-05T04:55:27.005Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

JVNDB-2024-015471

CVE-2024-55955 (GCVE-0-2024-55955)

Tags

Sightings

Nomenclature