
URL: https://www.cybersecurity-help.cz/vdb/SB2022011942
Submission: On January 20 via api from US — Scanned from FR

MULTIPLE VULNERABILITIES IN TREND MICRO DEEP SECURITY AGENT





Published: 2022-01-19

Risk: Low
Patch available: YES
Number of vulnerabilities: 2
CVE-ID: CVE-2022-23119, CVE-2022-23120
CWE-ID: CWE-22, CWE-94
Exploitation vector: Local
Public exploit: N/A
Vulnerable software: Deep Security (Client/Desktop applications / Software for system administration)
Vendor: Trend Micro






SECURITY BULLETIN

This security bulletin contains information about 2 vulnerabilities.



1) PATH TRAVERSAL

EUVDB-ID: #VU59841

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23119

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory
('Path Traversal')


Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an input validation error when processing
directory traversal sequences. A local user with access to Deep Security Manager
(DSM) prior to agent activation can create a specially crafted file and execute
arbitrary code on the system with elevated privileges.




Mitigation

Install the update from the vendor's website.

Vulnerable software versions

Deep Security: 10.0, 10.0 U1, 10.0 U2, 10.0 U3, 10.0 U4, 10.0 U5, 10.0 U6, 10.0
U7, 10.0 U8, 10.0 U9, 10.0 U10, 10.0 U11, 10.0 U12, 10.0 U13, 10.0 U14, 10.0
U15, 10.0 U16, 10.0 U17, 10.0 U18, 10.0 U19, 10.0 U20, 10.0 U21, 10.0 U22, 10.0
U23, 10.0 U24, 10.0 U25, 10.0 U26, 10.0 U27, 10.0 U28, 10.0 U29, 10.0 U30, 10.0
U31, 10.1 (Feature Release), 11.0, 11.0 U1, 11.0 U2, 11.0 U3, 11.0 U4, 11.0 U5,
11.0 U6, 11.0 U7, 11.0 U8, 11.0 U9, 11.0 U10, 11.0 U11, 11.0 U12, 11.0 U13, 11.0
U14, 11.0 U15, 11.0 U16, 11.0 U17, 11.0 U18, 11.0 U19, 11.0 U20, 11.0 U21, 11.0
U22, 11.0 U23, 11.0 U24, 11.0 U25, 11.0 U26, 11.0 U27, 12.0, 12.0 U1, 12.0 U2,
12.0 U3, 12.0 U4, 12.0 U5, 12.0 U6, 12.0 U7, 12.0 U8, 12.0 U9, 12.0 U10, 12.0
U11, 12.0 U12, 12.0 U13, 12.0 U14, 12.0 U15, 12.0 U16, 12.0 U17, 12.0 U18, 12.0
U19, 12.0 U20, 12.0 U21, 20.0 LTS

CPE2.3
 * cpe:2.3:a:trend_micro:deep_security:20.0 LTS:*:*:*:*:*:*:*

External links

http://success.trendmicro.com/solution/000290104

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have
authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) CODE INJECTION

EUVDB-ID: #VU59842

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23120

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')


Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an input validation error when processing
directory traversal sequences. A local user with access to Deep Security Manager
(DSM) prior to agent activation can execute arbitrary code with elevated
privileges.



Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Deep Security: 10.0, 10.0 U1, 10.0 U2, 10.0 U3, 10.0 U4, 10.0 U5, 10.0 U6, 10.0
U7, 10.0 U8, 10.0 U9, 10.0 U10, 10.0 U11, 10.0 U12, 10.0 U13, 10.0 U14, 10.0
U15, 10.0 U16, 10.0 U17, 10.0 U18, 10.0 U19, 10.0 U20, 10.0 U21, 10.0 U22, 10.0
U23, 10.0 U24, 10.0 U25, 10.0 U26, 10.0 U27, 10.0 U28, 10.0 U29, 10.0 U30, 10.0
U31, 10.1 (Feature Release), 11.0, 11.0 U1, 11.0 U2, 11.0 U3, 11.0 U4, 11.0 U5,
11.0 U6, 11.0 U7, 11.0 U8, 11.0 U9, 11.0 U10, 11.0 U11, 11.0 U12, 11.0 U13, 11.0
U14, 11.0 U15, 11.0 U16, 11.0 U17, 11.0 U18, 11.0 U19, 11.0 U20, 11.0 U21, 11.0
U22, 11.0 U23, 11.0 U24, 11.0 U25, 11.0 U26, 11.0 U27, 12.0, 12.0 U1, 12.0 U2,
12.0 U3, 12.0 U4, 12.0 U5, 12.0 U6, 12.0 U7, 12.0 U8, 12.0 U9, 12.0 U10, 12.0
U11, 12.0 U12, 12.0 U13, 12.0 U14, 12.0 U15, 12.0 U16, 12.0 U17, 12.0 U18, 12.0
U19, 12.0 U20, 12.0 U21, 20.0 LTS

CPE2.3
 * cpe:2.3:a:trend_micro:deep_security:20.0 LTS:*:*:*:*:*:*:*

External links

http://success.trendmicro.com/solution/000290104

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have
authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


© 2022 Cybersecurity Help s.r.o.
