Trend Micro Maximum Security vulnerable to improper link resolution (CVE-2024-32849)


Trend Micro Incorporated has released a security update for Trend Micro Maximum Security, fixing an improper link resolution vulnerability(CWE-59, CVE-2024-32849).

Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.
CVSS Severity (What is CVSS?)

Affected Products

Trend Micro, Inc.
  • Trend Micro Maximum Security 17.7, prior to 17.7.1979


Trend Micro files may be deleted.
For more information, refer to the information provided by the developer.

[Update the software]
Update the software to the latest version according to the information provided by the developer.
The update that addresses this vulnerability is available and is automatically applied through the product's ActiveUpdate feature.
Vendor Information

Trend Micro, Inc.
CWE (What is CWE?)

  1. Link Following(CWE-59) [Other]
CVE (What is CVE?)

  1. CVE-2024-32849

  1. JVN : JVNVU#97614828
Revision History

  • [2024/05/08]
      Web page was published