All the vulnerabilites related to Trend Micro - Trend Micro Deep Security
cve-2020-8602
Vulnerability from cvelistv5
Published
2020-08-27 20:35
Modified
2024-08-04 10:03
Severity ?
Summary
A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution.
References
Impacted products
Vendor Product Version
Trend Micro Trend Micro Vulnerability Management Version: 2.0 SP2
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:03:46.269Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000252039"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Deep Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "10.0, 11.0, 12.0"
            }
          ]
        },
        {
          "product": "Trend Micro Vulnerability Management",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2.0 SP2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Integrity Verification Bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-27T20:35:19",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000252039"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2020-8602",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Deep Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.0, 11.0, 12.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Vulnerability Management",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.0 SP2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Integrity Verification Bypass"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000252039",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000252039"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2020-8602",
    "datePublished": "2020-08-27T20:35:19",
    "dateReserved": "2020-02-04T00:00:00",
    "dateUpdated": "2024-08-04T10:03:46.269Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-9488
Vulnerability from cvelistv5
Published
2019-09-11 18:00
Modified
2024-08-04 21:54
Severity ?
Summary
Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM).
References
https://success.trendmicro.com/solution/1122900x_refsource_CONFIRM
Impacted products
Vendor Product Version
Trend Micro Trend Micro Vulnerability Protection Version: 2.0
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T21:54:44.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/1122900"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Deep Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "10.x"
            },
            {
              "status": "affected",
              "version": "11.x"
            }
          ]
        },
        {
          "product": "Trend Micro Vulnerability Protection",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "XXE Attack",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-11T18:00:08",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://success.trendmicro.com/solution/1122900"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2019-9488",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Deep Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.x"
                          },
                          {
                            "version_value": "11.x"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Vulnerability Protection",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "XXE Attack"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/1122900",
              "refsource": "CONFIRM",
              "url": "https://success.trendmicro.com/solution/1122900"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2019-9488",
    "datePublished": "2019-09-11T18:00:08",
    "dateReserved": "2019-03-01T00:00:00",
    "dateUpdated": "2024-08-04T21:54:44.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-40709
Vulnerability from cvelistv5
Published
2022-09-28 21:10
Modified
2024-11-20 14:56
Severity ?
Summary
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:21:46.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000291590"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1299/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-40709",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-28T16:15:39.029523Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T14:56:09.409Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Deep Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "20"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Out-Of-Bounds Read Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-28T21:10:24",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000291590"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1299/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-40709",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Deep Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "20"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Out-Of-Bounds Read Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000291590",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000291590"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-1299/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1299/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2022-40709",
    "datePublished": "2022-09-28T21:10:24",
    "dateReserved": "2022-09-14T00:00:00",
    "dateUpdated": "2024-11-20T14:56:09.409Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-15601
Vulnerability from cvelistv5
Published
2020-08-27 20:35
Modified
2024-08-04 13:22
Severity ?
Summary
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:22:30.378Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000252039"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Deep Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "10.0, 11.0, 12.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authentication Bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-27T20:35:18",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000252039"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2020-15601",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Deep Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.0, 11.0, 12.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authentication Bypass"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000252039",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000252039"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2020-15601",
    "datePublished": "2020-08-27T20:35:18",
    "dateReserved": "2020-07-07T00:00:00",
    "dateUpdated": "2024-08-04T13:22:30.378Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-40710
Vulnerability from cvelistv5
Published
2022-09-28 21:10
Modified
2024-08-03 12:21
Severity ?
Summary
A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:21:46.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000291590"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1296/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Deep Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "lessThan": "20.0.0.5394",
              "status": "affected",
              "version": "20.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Link Following LPE",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-02T18:29:35.010Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000291590"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1296/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-40710",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Deep Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "20"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Link Following LPE"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000291590",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000291590"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-1296/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1296/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2022-40710",
    "datePublished": "2022-09-28T21:10:25",
    "dateReserved": "2022-09-14T00:00:00",
    "dateUpdated": "2024-08-03T12:21:46.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-8607
Vulnerability from cvelistv5
Published
2020-08-05 14:05
Modified
2024-08-04 10:03
Severity ?
Summary
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
Impacted products
Vendor Product Version
Trend Micro Trend Micro OfficeScan Version: XG SP1
Trend Micro Trend Micro Deep Security Version: 12.x, 11.x. 10.x
Trend Micro Trend Micro Worry-Free Business Security Version: 10.0 SP1, Services (SaaS)
Trend Micro Trend Micro Security (Consumer Family) Version: 2020 (v16), 2019 (v15)
Trend Micro Trend Micro Safe Lock Version: 2.0 SP1, TXOne Ed
Trend Micro Trend Micro ServerProtect Version: SPFS 6.0, SPNAF 5.8, SPEMC 5.8, SPNT 5.8
Trend Micro Trend Micro Portable Security Version: 3.x, 2.x
Trend Micro Trend Micro HouseCall Version: 8.0
Trend Micro Trend Micro Anti-Threat Toolkit (ATTK) Version: 1.62.1240 and below
Trend Micro Trend Micro Rootkit Buster Version: 2.2
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:03:46.363Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000260713"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/jp/solution/000260748"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/vu/JVNVU99160193/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/vu/JVNVU99160193/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Apex One",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2019 (On premise), SaaS"
            }
          ]
        },
        {
          "product": "Trend Micro OfficeScan",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "XG SP1"
            }
          ]
        },
        {
          "product": "Trend Micro Deep Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "12.x, 11.x. 10.x"
            }
          ]
        },
        {
          "product": "Trend Micro Worry-Free Business Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "10.0 SP1, Services (SaaS)"
            }
          ]
        },
        {
          "product": "Trend Micro Security (Consumer Family)",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2020 (v16), 2019 (v15)"
            }
          ]
        },
        {
          "product": "Trend Micro Safe Lock",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2.0 SP1, TXOne Ed"
            }
          ]
        },
        {
          "product": "Trend Micro ServerProtect",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "SPFS 6.0, SPNAF 5.8, SPEMC 5.8, SPNT 5.8"
            }
          ]
        },
        {
          "product": "Trend Micro Portable Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        },
        {
          "product": "Trend Micro HouseCall",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "8.0"
            }
          ]
        },
        {
          "product": "Trend Micro Anti-Threat Toolkit (ATTK)",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "1.62.1240 and below"
            }
          ]
        },
        {
          "product": "Trend Micro Rootkit Buster",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-05T14:05:22",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000260713"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/jp/solution/000260748"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jvn.jp/vu/JVNVU99160193/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jvn.jp/en/vu/JVNVU99160193/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2020-8607",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Apex One",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2019 (On premise), SaaS"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro OfficeScan",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "XG SP1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Deep Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "12.x, 11.x. 10.x"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Worry-Free Business Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.0 SP1, Services (SaaS)"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Security (Consumer Family)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2020 (v16), 2019 (v15)"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Safe Lock",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.0 SP1, TXOne Ed"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro ServerProtect",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "SPFS 6.0, SPNAF 5.8, SPEMC 5.8, SPNT 5.8"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Portable Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "3.x, 2.x"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro HouseCall",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Anti-Threat Toolkit (ATTK)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.62.1240 and below"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Rootkit Buster",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000260713",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000260713"
            },
            {
              "name": "https://success.trendmicro.com/jp/solution/000260748",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/jp/solution/000260748"
            },
            {
              "name": "https://jvn.jp/vu/JVNVU99160193/",
              "refsource": "MISC",
              "url": "https://jvn.jp/vu/JVNVU99160193/"
            },
            {
              "name": "https://jvn.jp/en/vu/JVNVU99160193/index.html",
              "refsource": "MISC",
              "url": "https://jvn.jp/en/vu/JVNVU99160193/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2020-8607",
    "datePublished": "2020-08-05T14:05:23",
    "dateReserved": "2020-02-04T00:00:00",
    "dateUpdated": "2024-08-04T10:03:46.363Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-40707
Vulnerability from cvelistv5
Published
2022-09-28 21:10
Modified
2024-08-03 12:21
Severity ?
Summary
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:21:46.562Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000291590"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1297/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Deep Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "20"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Out-Of-Bounds Read Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-28T21:10:22",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000291590"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1297/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-40707",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Deep Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "20"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Out-Of-Bounds Read Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000291590",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000291590"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-1297/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1297/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2022-40707",
    "datePublished": "2022-09-28T21:10:22",
    "dateReserved": "2022-09-14T00:00:00",
    "dateUpdated": "2024-08-03T12:21:46.562Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-40708
Vulnerability from cvelistv5
Published
2022-09-28 21:10
Modified
2024-08-03 12:21
Severity ?
Summary
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:21:46.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000291590"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1298/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Deep Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "20"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Out-Of-Bounds Read Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-28T21:10:23",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000291590"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1298/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-40708",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Deep Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "20"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Out-Of-Bounds Read Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000291590",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000291590"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-1298/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1298/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2022-40708",
    "datePublished": "2022-09-28T21:10:23",
    "dateReserved": "2022-09-14T00:00:00",
    "dateUpdated": "2024-08-03T12:21:46.401Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}