|
[Japanese]
|
JVNDB-2024-015471
|
Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element
|
|
Trend Micro Incorporated has released the security updates for Deep Security 20.0 Agent (for Windows) that contains a fix for an uncontrolled search path element vulnerability (CWE-427, CVE-2024-55955).
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.
|
|
|
|
|
Trend Micro, Inc.
- Deep Security Agent (for Windows) Build between 20.0.1-9400 and 20.0.1-23340
|
|
|
A non-administrative user of Windows system where the affected product is installed may obtain the administrative privilege.
|
|
[Update the software]
Update Deep Security 20.0 Agent (for Windows) to the latest version according to the information provided by the developer.
The developer has released the following version that addresses the vulnerability.
* Deep Security 20.0 Agent (for Windows) Build: 20.0.1-23340 (20 LTS Update 2024-11-13)
|
|
Trend Micro, Inc.
|
|
- Uncontrolled Search Path Element(CWE-427) [Other]
|
|
- CVE-2024-55955
|
|
- JVN : JVNVU#92980681
|
|
- [2024/12/25]
Web page was published
|
