• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

deep_security

CVE-2019-15626

February 26, 2023 by

The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability.

CVE-2019-15627

February 26, 2023 by

Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected.

CVE-2022-40707

February 23, 2023 by godfreyd94

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One – Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708.

CVE-2022-40708

February 23, 2023 by godfreyd94

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One – Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707.

CVE-2022-40709

February 23, 2023 by godfreyd94

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One – Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708.

CVE-2022-40710

February 23, 2023 by godfreyd94

A link following vulnerability in Trend Micro Deep Security 20 and Cloud One – Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE