Vulnerability-Lookup

CVE-2024-36358 (GCVE-0-2024-36358)

Vulnerability from cvelistv5 – Published: 2024-06-10 21:21 – Updated: 2025-03-13 13:55

Summary

A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-1106 - Insufficient Use of Symbolic Constants

Assigner

trendmicro

References

URL

	Vendor	Product	Version
	Trend Micro, Inc.	Trend Micro Deep Security Agent	Affected: 20 , < 20.0.1-3180 (semver)

GHSA-7333-WPQM-63V7

Vulnerability from github – Published: 2024-06-11 00:30 – Updated: 2024-06-11 00:30

Details

A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-36358"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1106"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-10T22:15:11Z",
    "severity": "HIGH"
  },
  "details": "A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
  "id": "GHSA-7333-wpqm-63v7",
  "modified": "2024-06-11T00:30:40Z",
  "published": "2024-06-11T00:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36358"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/dcx/s/solution/000298151"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-575"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2024-AVI-0455

Vulnerability from certfr_avis - Published: 2024-05-31 - Updated: 2024-05-31

De multiples vulnérabilités ont été découvertes dans les produits Trend Micro. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Trend Micro	Deep Security Agent	Deep Security Agent versions 20.0.x antérieures à 20.0.1-9400 pour Windows
Trend Micro	IWSVA	IWSVA versions 6.5 antérieures à 6.5 SP3 Patch 2 (b3367)
Trend Micro	Apex One	Apex One versions 2019 antérieures à SP1 CP b12980
Trend Micro	Apex One	Apex One as a Service sans le dernier correctif de sécurité

References

Title

Publication Time

FKIE_CVE-2024-36358

Vulnerability from fkie_nvd - Published: 2024-06-10 22:15 - Updated: 2025-10-23 12:26

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@trendmicro.com	https://success.trendmicro.com/dcx/s/solution/000298151	Broken Link
security@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-24-575/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://success.trendmicro.com/dcx/s/solution/000298151	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-24-575/	Third Party Advisory

Impacted products

Vendor	Product	Version
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0.1
linux	linux_kernel	-
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0.1
trendmicro	deep_security_agent	20.0.1
microsoft	windows	-
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0
trendmicro	deep_security_agent	20.0.1
opengroup	unix	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1194:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "4BE1D2F8-3F0E-4E43-AB20-BB9F280B27EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1304:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "5C1275B0-D75C-4EBD-8009-F171C0F53D3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1337:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "395BE207-3450-4DD8-A5B4-CA005A8A29E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1559:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "10692943-0205-42F3-8EBC-64499CC0A3D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1681:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F3DDAC1A-C2E5-4FFB-8A69-80819D39CF5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1822:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6201FA1A-1F94-46DF-A7EE-6F4DE2910131",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1876:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E667A20B-65ED-434F-8A5F-220C87B175EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2009:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2CCE7E62-6CBE-476F-A9E5-52790F90E5BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2204:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "920B4F3B-2D78-4B71-8B65-8AEF6AF2C735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2395:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C1630066-82A7-45B6-8C9B-5E33544057E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2593:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A61BF475-18D9-4246-91C7-7A1B6A7B44AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2971:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "302E31AA-AF51-4869-BA2F-832299A5C648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3165:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "9FD0C979-641F-482B-9D05-B3B9A5F6D443",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3288:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F56F3E88-3E65-4C3E-932D-6C8404F5A1BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3445:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2FF0DE00-851E-4185-8C0C-172252E3E7C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3770:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3BBF5ADC-D0D4-4BF4-989F-84EAF7573855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4185:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "87821A85-93F2-422B-8876-CF3729D99594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4416:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "0C3E959C-D6D5-4DF0-A26E-95EBDCB8C901",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4726:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F2F3C583-2A09-4448-B384-273B48D2B4E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4959:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "445BA171-0190-429A-8D4F-F857CEA5361E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5137:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "95889F1E-931E-40E4-99A1-9C1A4A8B0847",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5394:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3E57A0B9-FD42-4BC2-8E77-473C231E8C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5512:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "9A36042B-CE11-400C-A3E9-675FA01DFD79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5761:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "CA857632-5129-484C-9180-DC3B1A7A99E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5953:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7504575F-3A63-4299-B355-682F495BD769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6313:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C8B125A6-071C-40BD-BEF8-3349D69B8FBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6658:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "78CC9093-3CB7-486A-AF1A-189EA52BBF43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6912:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "166C9EC4-3A3A-437E-9B71-E8A95808454D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7119:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "45F6F599-6DFD-4FAC-A3BC-DA04337FBF99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7303:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "AF3BF95D-BE53-48CF-AC59-7E53B3245E84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7476:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "CA991E32-E28D-4310-8578-DD92033AEEB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7719:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "41CFF915-1DD8-4C9F-8B43-04BCDA0C5068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7943:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C88FD401-BDA4-4080-B56D-D9A980236A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8137:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "56A61850-1C9F-420B-88CF-D2D92BF1709E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8268:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6CEB092E-8D28-478E-BEA9-D489EC63D689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8438:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "1CDA7299-C070-405E-BE53-1B235D6C5CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8453:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7FC6D105-41D4-41BF-BD43-0EA1C69EC47D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update877:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "BF1E7ABB-DEF9-4CBD-B269-3091DC1CF2A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update690:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "AF6B83AD-8517-4952-890B-4CF725407131",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1337:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "395BE207-3450-4DD8-A5B4-CA005A8A29E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1559:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "10692943-0205-42F3-8EBC-64499CC0A3D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1681:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F3DDAC1A-C2E5-4FFB-8A69-80819D39CF5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1822:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6201FA1A-1F94-46DF-A7EE-6F4DE2910131",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1876:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E667A20B-65ED-434F-8A5F-220C87B175EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2009:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2CCE7E62-6CBE-476F-A9E5-52790F90E5BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2204:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "920B4F3B-2D78-4B71-8B65-8AEF6AF2C735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2419:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "236653DA-EE2C-4923-A5C8-CC32305626FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2593:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A61BF475-18D9-4246-91C7-7A1B6A7B44AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2740:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "DC90635A-4FEB-4F7A-B0BD-D4CCD1183A3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2921:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6D12CADF-AAA4-4E0B-93EC-81C5C3BDCA47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3165:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "9FD0C979-641F-482B-9D05-B3B9A5F6D443",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3288:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F56F3E88-3E65-4C3E-932D-6C8404F5A1BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3445:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2FF0DE00-851E-4185-8C0C-172252E3E7C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3530:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "57A322DB-9E37-4508-B904-51F0305D4B9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3771:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "9CEFF34B-1B17-416F-9068-9CE5DAC0F19D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3964:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "87A77C12-0F5C-4EA7-96BA-8B14E2795E69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4185:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "87821A85-93F2-422B-8876-CF3729D99594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4416:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "0C3E959C-D6D5-4DF0-A26E-95EBDCB8C901",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4726:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F2F3C583-2A09-4448-B384-273B48D2B4E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4959:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "445BA171-0190-429A-8D4F-F857CEA5361E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5137:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "95889F1E-931E-40E4-99A1-9C1A4A8B0847",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5394:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3E57A0B9-FD42-4BC2-8E77-473C231E8C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5512:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "9A36042B-CE11-400C-A3E9-675FA01DFD79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5810:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "73312B15-FF4F-4576-A6DC-90E7DDC16177",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5995:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "EC926B09-2153-408D-96D1-339BC6CA3E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6313:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C8B125A6-071C-40BD-BEF8-3349D69B8FBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6690:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "8798E437-2DF9-4128-95A4-D6E428BB68F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6860:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "530A146D-8ACA-4EC3-A431-E732CDCBEF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7119:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "45F6F599-6DFD-4FAC-A3BC-DA04337FBF99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7303:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "AF3BF95D-BE53-48CF-AC59-7E53B3245E84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7476:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "CA991E32-E28D-4310-8578-DD92033AEEB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7719:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "41CFF915-1DD8-4C9F-8B43-04BCDA0C5068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7943:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C88FD401-BDA4-4080-B56D-D9A980236A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8137:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "56A61850-1C9F-420B-88CF-D2D92BF1709E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8268:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6CEB092E-8D28-478E-BEA9-D489EC63D689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8438:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "1CDA7299-C070-405E-BE53-1B235D6C5CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update877:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "BF1E7ABB-DEF9-4CBD-B269-3091DC1CF2A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update690:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "AF6B83AD-8517-4952-890B-4CF725407131",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update700:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "26E9FE45-48C7-4745-BD8D-F72907AAC469",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1194:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "4BE1D2F8-3F0E-4E43-AB20-BB9F280B27EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1304:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "5C1275B0-D75C-4EBD-8009-F171C0F53D3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1337:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "395BE207-3450-4DD8-A5B4-CA005A8A29E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1559:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "10692943-0205-42F3-8EBC-64499CC0A3D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1681:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F3DDAC1A-C2E5-4FFB-8A69-80819D39CF5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1822:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6201FA1A-1F94-46DF-A7EE-6F4DE2910131",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update1876:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E667A20B-65ED-434F-8A5F-220C87B175EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2009:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2CCE7E62-6CBE-476F-A9E5-52790F90E5BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2204:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "920B4F3B-2D78-4B71-8B65-8AEF6AF2C735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2395:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C1630066-82A7-45B6-8C9B-5E33544057E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2593:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A61BF475-18D9-4246-91C7-7A1B6A7B44AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2740:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "DC90635A-4FEB-4F7A-B0BD-D4CCD1183A3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update2921:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6D12CADF-AAA4-4E0B-93EC-81C5C3BDCA47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3165:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "9FD0C979-641F-482B-9D05-B3B9A5F6D443",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3288:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F56F3E88-3E65-4C3E-932D-6C8404F5A1BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3445:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2FF0DE00-851E-4185-8C0C-172252E3E7C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3770:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3BBF5ADC-D0D4-4BF4-989F-84EAF7573855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update3964:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "87A77C12-0F5C-4EA7-96BA-8B14E2795E69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4185:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "87821A85-93F2-422B-8876-CF3729D99594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4416:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "0C3E959C-D6D5-4DF0-A26E-95EBDCB8C901",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4726:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F2F3C583-2A09-4448-B384-273B48D2B4E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update4959:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "445BA171-0190-429A-8D4F-F857CEA5361E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5137:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "95889F1E-931E-40E4-99A1-9C1A4A8B0847",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5394:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3E57A0B9-FD42-4BC2-8E77-473C231E8C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5512:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "9A36042B-CE11-400C-A3E9-675FA01DFD79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5761:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "CA857632-5129-484C-9180-DC3B1A7A99E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5953:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7504575F-3A63-4299-B355-682F495BD769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6313:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C8B125A6-071C-40BD-BEF8-3349D69B8FBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6658:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "78CC9093-3CB7-486A-AF1A-189EA52BBF43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update6912:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "166C9EC4-3A3A-437E-9B71-E8A95808454D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7119:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "45F6F599-6DFD-4FAC-A3BC-DA04337FBF99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7303:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "AF3BF95D-BE53-48CF-AC59-7E53B3245E84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7476:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "CA991E32-E28D-4310-8578-DD92033AEEB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7719:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "41CFF915-1DD8-4C9F-8B43-04BCDA0C5068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update7943:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C88FD401-BDA4-4080-B56D-D9A980236A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8137:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "56A61850-1C9F-420B-88CF-D2D92BF1709E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8268:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6CEB092E-8D28-478E-BEA9-D489EC63D689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update8438:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "1CDA7299-C070-405E-BE53-1B235D6C5CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0:update877:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "BF1E7ABB-DEF9-4CBD-B269-3091DC1CF2A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update690:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "AF6B83AD-8517-4952-890B-4CF725407131",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A90CB3A-9BE7-475C-9E75-6ECAD2106302",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
    },
    {
      "lang": "es",
      "value": "Un enlace que sigue a una vulnerabilidad en los agentes Trend Micro Deep Security 20.x por debajo de la compilaci\u00f3n 20.0.1-3180 podr\u00eda permitir a un atacante local escalar privilegios en las instalaciones afectadas. Tenga en cuenta: un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad."
    }
  ],
  "id": "CVE-2024-36358",
  "lastModified": "2025-10-23T12:26:12.277",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "security@trendmicro.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-06-10T22:15:11.230",
  "references": [
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://success.trendmicro.com/dcx/s/solution/000298151"
    },
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-575/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://success.trendmicro.com/dcx/s/solution/000298151"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-575/"
    }
  ],
  "sourceIdentifier": "security@trendmicro.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1106"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

JVNDB-2024-003645

Vulnerability from jvndb - Published: 2024-06-20 14:59 - Updated:2024-06-20 14:59

Summary

Multiple vulnerabilities in multiple Trend Micro products

Details

Trend Micro Incorporated has released security updates for multiple Trend Micro products. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

References

Type

URL

	JVN	https://jvn.jp/en/vu/JVNVU99027428/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-36302
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-36303
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-36304
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-36305
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-36306
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-36307
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-37289
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-36358
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-36359

Impacted products

Vendor

Product

	Trend Micro, Inc.	Apex One
	Trend Micro, Inc.	Apex One as a Service
	Trend Micro, Inc.	Deep Security Agent
	Trend Micro, Inc.	TrendMicro InterScan Web Security Virtual Appliance

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003645.html",
  "dc:date": "2024-06-20T14:59+09:00",
  "dcterms:issued": "2024-06-20T14:59+09:00",
  "dcterms:modified": "2024-06-20T14:59+09:00",
  "description": "Trend Micro Incorporated has released security updates for multiple Trend Micro products.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003645.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:apex_one_as_a_service",
      "@product": "Apex One as a Service",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:deep_security_agent",
      "@product": "Deep Security Agent",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:interscan_web_security_virtual_appliance",
      "@product": "TrendMicro InterScan Web Security Virtual Appliance",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2024-003645",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU99027428/index.html",
      "@id": "JVNVU#99027428",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36302",
      "@id": "CVE-2024-36302",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36303",
      "@id": "CVE-2024-36303",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36304",
      "@id": "CVE-2024-36304",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36305",
      "@id": "CVE-2024-36305",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36306",
      "@id": "CVE-2024-36306",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36307",
      "@id": "CVE-2024-36307",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-37289",
      "@id": "CVE-2024-37289",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36358",
      "@id": "CVE-2024-36358",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36359",
      "@id": "CVE-2024-36359",
      "@source": "CVE"
    }
  ],
  "title": "Multiple vulnerabilities in multiple Trend Micro products"
}

CNVD-2024-40822

Vulnerability from cnvd - Published: 2024-10-16

Title

Trend Micro Deep Security权限提升漏洞

Description

Trend Micro Deep Security是美国趋势科技（Trend Micro）公司的一种服务器深度安全防护系统客户端。 Trend Micro Deep Security存在权限提升漏洞，攻击者可利用该漏洞提升权限，并在系统上下文中执行任意代码。

Severity

中

Patch Name

Trend Micro Deep Security权限提升漏洞的补丁

Patch Description

Trend Micro Deep Security是美国趋势科技（Trend Micro）公司的一种服务器深度安全防护系统客户端。 Trend Micro Deep Security存在权限提升漏洞，攻击者可利用该漏洞提升权限，并在系统上下文中执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://success.trendmicro.com/dcx/s/solution/000298151

Reference

https://cxsecurity.com/cveshow/CVE-2024-36358/

Impacted products

Name
Trend Micro Deep Security 10.*，<20.0.1-3180

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-36358"
    }
  },
  "description": "Trend Micro Deep Security\u662f\u7f8e\u56fd\u8d8b\u52bf\u79d1\u6280\uff08Trend Micro\uff09\u516c\u53f8\u7684\u4e00\u79cd\u670d\u52a1\u5668\u6df1\u5ea6\u5b89\u5168\u9632\u62a4\u7cfb\u7edf\u5ba2\u6237\u7aef\u3002\n\nTrend Micro Deep Security\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\uff0c\u5e76\u5728\u7cfb\u7edf\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://success.trendmicro.com/dcx/s/solution/000298151",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-40822",
  "openTime": "2024-10-16",
  "patchDescription": "Trend Micro Deep Security\u662f\u7f8e\u56fd\u8d8b\u52bf\u79d1\u6280\uff08Trend Micro\uff09\u516c\u53f8\u7684\u4e00\u79cd\u670d\u52a1\u5668\u6df1\u5ea6\u5b89\u5168\u9632\u62a4\u7cfb\u7edf\u5ba2\u6237\u7aef\u3002\r\n\r\nTrend Micro Deep Security\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\uff0c\u5e76\u5728\u7cfb\u7edf\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Trend Micro Deep Security\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Trend Micro Deep Security 10.*\uff0c\u003c20.0.1-3180"
  },
  "referenceLink": "https://cxsecurity.com/cveshow/CVE-2024-36358/",
  "serverity": "\u4e2d",
  "submitTime": "2024-06-12",
  "title": "Trend Micro Deep Security\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-36358 (GCVE-0-2024-36358)

GHSA-7333-WPQM-63V7

CERTFR-2024-AVI-0455

Solutions

FKIE_CVE-2024-36358

JVNDB-2024-003645

CNVD-2024-40822

Tags

Sightings

Nomenclature