TrendMicro Deep Security
By the Year
In 2023 there have been 0 vulnerabilities in TrendMicro Deep Security . Last year Deep Security had 4 security vulnerabilities published. Right now, Deep Security is on track to have less security vulnerabilities in 2023 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 4 | 4.43 |
| 2021 | 1 | 5.50 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 7.50 |
| 2018 | 1 | 7.00 |
It may take a day or so for new Deep Security vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent TrendMicro Deep Security Security Vulnerabilities
A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could
CVE-2022-40710
7.8 - High
- September 28, 2022
A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
insecure temporary file
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could
CVE-2022-40709
3.3 - Low
- September 28, 2022
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708.
Out-of-bounds Read
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could
CVE-2022-40708
3.3 - Low
- September 28, 2022
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707.
Out-of-bounds Read
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could
CVE-2022-40707
3.3 - Low
- September 28, 2022
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708.
Out-of-bounds Read
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability
CVE-2021-25252
5.5 - Medium
- March 03, 2021
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
Resource Exhaustion
The Deep Security Manager application (Versions 10.0
CVE-2019-15626
7.5 - High
- October 17, 2019
The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability.
Cleartext Transmission of Sensitive Information
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could
CVE-2018-6218
7 - High
- February 16, 2018
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.
Untrusted Path
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for TrendMicro Worry Free Business Security or by TrendMicro? Click the Watch button to subscribe.
