Multiple vulnerabilities in Trend Micro Deep Security Agent
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2022-23119 CVE-2022-23120 |
| CWE-ID | CWE-22 CWE-94 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Deep Security Client/Desktop applications / Software for system administration |
| Vendor | Trend Micro |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Path traversal
EUVDB-ID: #VU59841
Risk: Low
CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-23119
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to input validation error when processing directory traversal sequences. A local user with access to Deep Security Manager (DSM) prior to agent activation can create a specially crafted file and execute arbitrary code on the system with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsDeep Security: 10.0 - 20.0 LTS
External linkshttp://success.trendmicro.com/solution/000290104
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Code Injection
EUVDB-ID: #VU59842
Risk: Low
CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-23120
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
Install updates from vendor's website.
Vulnerable software versionsDeep Security: 10.0 - 20.0 LTS
External linkshttp://success.trendmicro.com/solution/000290104
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
