VYPR

Deep Security

by Trend Micro

CVEs (8)

  • CVE-2020-15601HigAug 27, 2020
    risk 0.53cvss 8.1epss 0.03

    If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication…

  • CVE-2025-30641HigJun 17, 2025
    risk 0.51cvss 7.8epss 0.00

    A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2025-30640HigJun 17, 2025
    risk 0.51cvss 7.8epss 0.00

    A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2022-40710HigSep 28, 2022
    risk 0.51cvss 7.8epss 0.00

    A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code…

  • CVE-2019-15627HigOct 17, 2019
    risk 0.49cvss 7.1epss 0.01

    Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected.

  • CVE-2019-15626HigOct 17, 2019
    risk 0.49cvss 7.5epss 0.02

    The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability.

  • CVE-2020-8602HigAug 27, 2020
    risk 0.47cvss 7.2epss 0.04

    A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution.

  • CVE-2025-30642MedJun 17, 2025
    risk 0.36cvss 5.5epss 0.00

    A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…