Skip to main content

Deep Security Agent

11 CVEs product

Monthly

CVE-2025-30642 MEDIUM PATCH This Month

A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Denial Of Service Deep Security Agent
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-30641 HIGH PATCH This Week

Link following (symlink) vulnerability in Trend Micro Deep Security 20.0 agent's anti-malware component that enables local privilege escalation. An attacker with low-privileged code execution can exploit this to gain elevated system privileges (confidentiality, integrity, and availability impact). While no public exploit or active exploitation in the wild has been confirmed, the CVSS 7.8 score and low attack complexity indicate this poses a significant risk to organizations running vulnerable versions.

Privilege Escalation Trend Micro Deep Security Agent
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-30640 HIGH PATCH This Week

Link following vulnerability (symlink attack) in Trend Micro Deep Security 20.0 agents that enables local privilege escalation on affected systems. An attacker with low-privileged code execution capability can exploit this flaw to gain high-level system access. The vulnerability has a CVSS score of 7.8 with high impact across confidentiality, integrity, and availability; KEV and POC status are not confirmed in available data, but the low attack complexity and low privilege requirement indicate moderate real-world risk once initial code execution is obtained.

Privilege Escalation Trend Micro Path Traversal Deep Security Agent
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-55955 HIGH This Week

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Deep Security Agent
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2024-51503 HIGH This Week

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Trend Micro Deep Security Agent
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2024-48903 HIGH This Week

An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Deep Security Agent
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-36358 HIGH This Week

A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Deep Security Agent
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-40710 HIGH This Week

A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Trend Micro Privilege Escalation Deep Security Agent
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-40709 LOW Monitor

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Trend Micro Buffer Overflow Deep Security Agent
NVD
CVSS 3.1
3.3
EPSS
0.4%
CVE-2022-40708 LOW Monitor

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Trend Micro Buffer Overflow Deep Security Agent
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2022-40707 LOW Monitor

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Trend Micro Buffer Overflow Deep Security Agent
NVD
CVSS 3.1
3.3
EPSS
0.2%
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Denial Of Service Deep Security Agent
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Link following (symlink) vulnerability in Trend Micro Deep Security 20.0 agent's anti-malware component that enables local privilege escalation. An attacker with low-privileged code execution can exploit this to gain elevated system privileges (confidentiality, integrity, and availability impact). While no public exploit or active exploitation in the wild has been confirmed, the CVSS 7.8 score and low attack complexity indicate this poses a significant risk to organizations running vulnerable versions.

Privilege Escalation Trend Micro Deep Security Agent
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Link following vulnerability (symlink attack) in Trend Micro Deep Security 20.0 agents that enables local privilege escalation on affected systems. An attacker with low-privileged code execution capability can exploit this flaw to gain high-level system access. The vulnerability has a CVSS score of 7.8 with high impact across confidentiality, integrity, and availability; KEV and POC status are not confirmed in available data, but the low attack complexity and low privilege requirement indicate moderate real-world risk once initial code execution is obtained.

Privilege Escalation Trend Micro Path Traversal +1
NVD
EPSS 0% CVSS 7.3
HIGH This Week

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Deep Security Agent
NVD
EPSS 4% CVSS 8.8
HIGH This Week

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Trend Micro +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Deep Security Agent
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Deep Security Agent
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Trend Micro Privilege Escalation +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Trend Micro +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Trend Micro +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Trend Micro +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy