Published: 2022/01/24  Last Updated: 2022/01/24

JVNVU#95024141
Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux

Overview

Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux contain multiple vulnerabilities.

Products Affected

Linux/UNIX-based agents of the following products are affected by these vulnerabilities.

  • Deep Security Agent for Linux Versions 20 and earlier
  • Cloud One - Workload Security

According to the developer, Deep Security Agent for Windows is not affected by these vulnerabilities.

Description

Deep Security and Cloud One - Workload Security Agent for Linux, provided by Trend Micro Incorporated, contain the multiple vulnerabilities listed below.

  • Directory Traversal (CWE-22) - CVE-2022-23119
    CVSS v3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score: 7.0
  • Code Injection (CWE-94) - CVE-2022-23120
    CVSS v3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score: 7.0

As of 2022 January 24, Proof-of-Concept (PoC) code exploiting these vulnerabilities has already been made public.

Impact

  • An attacker who can log in to the product may obtain the files in the product - CVE-2022-23119
  • An attacker who can log in to the product may obtain administrative privileges. As a result, arbitrary code may be executed with root privileges - CVE-2022-23120

Solution

Apply the patch
Apply the appropriate patch according to the information provided by the developer.

Credit

Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
