Published:2022/10/07  Last Updated:2022/10/07

JVNVU#99960963
Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security agents for Windows

Overview

Trend Micro Incorporated has released a security update for Trend Micro Deep Security and Cloud One - Workload Security agents for Windows.

Products Affected

Windows-based agents of the following products are affected by these vulnerabilities.

  • Deep Security Agent Version 20
  • Cloud One - Workload Security Agent Version 20

Description

Trend Micro Incorporated has released a security update for Trend Micro Deep Security and Cloud One - Workload Security agents for Windows.

Impact

  • Information disclosure due to an Out-Of-Bounds Read vulnerabilities
  • Privilege escalation due to link following vulnerability

Solution

Apply the patch
Apply the appropriate patch according to the information provided by the developer.

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia