Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
4DescriptionCVE.org
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Analysis
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Technical ContextAI
A denial of service vulnerability allows an attacker to disrupt the normal functioning of a system, making it unavailable to legitimate users. This vulnerability is classified as Improper Link Resolution Before File Access (CWE-59).
RemediationAI
Implement rate limiting and input validation. Use timeout mechanisms for resource-intensive operations. Deploy DDoS protection where applicable.
More in Deep Security Agent
View allA security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an at
Link following (symlink) vulnerability in Trend Micro Deep Security 20.0 agent's anti-malware component that enables loc
Link following vulnerability (symlink attack) in Trend Micro Deep Security 20.0 agents that enables local privilege esca
An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate
A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local atta
A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could
An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows
Same weakness CWE-59 – Improper Link Resolution Before File Access
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-27794