Improper Access Control Vulnerability in Trend Micro Deep Security Agent 20 Could Lead to Escalated Privileges
CVE-2024-48903

Currently unrated

Key Information:

Vendor: Trend Micro
Vendor: CVE Published:; 22 October 2024

Summary

An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

References

https://success.trendmicro.com/en-US/solution/KA-0017997

https://www.zerodayinitiative.com/advisories/ZDI-24-1419/

Timeline

Vulnerability published
Oct 22, 2024