Trend Micro Deep Security Vulnerable to Command Injection Attacks
gbhackersTrend Micro has released a critical update addressing a remote code execution (RCE) vulnerability (CVE-2024-51503) in its Trend Micro Deep Security 20 Agent.
This vulnerability, identified as a manual scan command injection flaw, allows attackers to execute arbitrary code on affected machines, potentially leading to privilege escalation across the domain.
This vulnerability affects the manual scan feature within Trend Micro Deep Security, specifically on systems running Deep Security 20.
An attacker who can execute low-privileged code on a target system may use this flaw to escalate privileges and inject commands, posing a serious security threat in corporate environments.
Maximizing Cybersecurity ROI: Expert Tips for SME & MSP Leaders – Attend Free Webinar
Affected Products
| Product | Affected Version(s) | Platform | Language(s) |
| Deep Security Agent | Versions before 20.0.1-21510 | Windows | English |
| Deep Security Notifier on DSVA | Version 20.0.0-8438 only | Windows VM | English |
To mitigate this vulnerability, Trend Micro has ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE