Deep Security Agent
by Trend Micro
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-51503 | Hig | 0.52 | 8.0 | 0.04 | Nov 19, 2024 | A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain… | ||
| CVE-2025-30641 | Hig | 0.51 | 7.8 | 0.00 | Jun 17, 2025 | A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on… | ||
| CVE-2025-30640 | Hig | 0.51 | 7.8 | 0.00 | Jun 17, 2025 | A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | ||
| CVE-2024-48903 | Hig | 0.51 | 7.8 | 0.01 | Oct 22, 2024 | An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | ||
| CVE-2023-52338 | Hig | 0.51 | 7.8 | 0.00 | Jan 23, 2024 | A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to… | ||
| CVE-2023-52337 | Hig | 0.51 | 7.8 | 0.00 | Jan 23, 2024 | An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to… | ||
| CVE-2022-23120 | Hig | 0.51 | 7.8 | 0.06 | Jan 20, 2022 | A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. Please note: an attacker must first obtain access to… | ||
| CVE-2022-23119 | Hig | 0.51 | 7.5 | 0.22 | Jan 20, 2022 | A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the… | ||
| CVE-2019-15627 | Hig | 0.49 | 7.1 | 0.01 | Oct 17, 2019 | Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected. | ||
| CVE-2024-55955 | Med | 0.44 | 6.7 | 0.00 | Dec 31, 2024 | An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to… | ||
| CVE-2025-30642 | Med | 0.36 | 5.5 | 0.00 | Jun 17, 2025 | A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target… | ||
| CVE-2022-40709 | Low | 0.21 | 3.3 | 0.00 | Sep 28, 2022 | An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute… | ||
| CVE-2022-40708 | Low | 0.21 | 3.3 | 0.00 | Sep 28, 2022 | An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute… | ||
| CVE-2022-40707 | Low | 0.21 | 3.3 | 0.00 | Sep 28, 2022 | An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute… |
- risk 0.52cvss 8.0epss 0.04
A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain…
- risk 0.51cvss 7.8epss 0.00
A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on…
- risk 0.51cvss 7.8epss 0.00
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- risk 0.51cvss 7.8epss 0.01
An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- risk 0.51cvss 7.8epss 0.00
A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to…
- risk 0.51cvss 7.8epss 0.00
An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to…
- risk 0.51cvss 7.8epss 0.06
A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. Please note: an attacker must first obtain access to…
- risk 0.51cvss 7.5epss 0.22
A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the…
- risk 0.49cvss 7.1epss 0.01
Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected.
- risk 0.44cvss 6.7epss 0.00
An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to…
- risk 0.36cvss 5.5epss 0.00
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…
- risk 0.21cvss 3.3epss 0.00
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute…
- risk 0.21cvss 3.3epss 0.00
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute…
- risk 0.21cvss 3.3epss 0.00
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute…