Published:2022/10/07  Last Updated:2022/10/07

JVNVU#99960963
Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security agents for Windows

Overview

Trend Micro Incorporated has released a security update for Trend Micro Deep Security and Cloud One - Workload Security agents for Windows.

Products Affected

Windows-based agents of the following products are affected by these vulnerabilities.

  • Deep Security Agent Version 20
  • Cloud One - Workload Security Agent Version 20

Description

Trend Micro Incorporated has released a security update for Trend Micro Deep Security and Cloud One - Workload Security agents for Windows.

Impact

  • Information disclosure due to an Out-Of-Bounds Read vulnerabilities
  • Privilege escalation due to link following vulnerability

Solution

Apply the patch
Apply the appropriate patch according to the information provided by the developer.

Vendor Status

Vendor Link
Trend Micro Incorporated SECURITY BULLETIN: September 2022 Security Bulletin for Trend Micro Deep Security 20 and Cloud One - Workload Security Agents

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia