May 31, 2023

Trend Micro has patched two high-severity vulnerabilities affecting some of its hybrid cloud security products. Tracked as CVE-2022-23119 and CVE-2022-23120, impacting Deep Security and Cloud One workload security solutions, specifically the Linux agent component.

Modzero firm discovered and the flaws were reported to Trend Micro in September and patches were released in October, November and December.

Advertisements

The Deep Security Agent for Linux is affected by a directory traversal vulnerability that could allow an attacker to read arbitrary files, and a code injection issue that could be exploited to escalate privileges and execute code as root. To perfom this the attacker needs to have access to the targeted system and exploitation is only possible if the agent has not been activated or configured.

The hardcoded default X.509 certificate and a corresponding private key are shipped with the agent software. The certificate is used for communications with the server before the agent is activated.

Advertisements

Vulnerabilities in Trend Micro products have been known to be exploited by malicious actors, particularly flaws in the cybersecurity firm’s Apex One products.

Tags:

Leave a Reply

You may have missed

Mirai Bots Targeting IoT Devices

Mirai Bots Targeting IoT Devices

May 30, 2023
Watering hole attack from Tortoiseshell group

Watering hole attack from Tortoiseshell group

May 29, 2023
New TLD Based Phishing Campaign

New TLD Based Phishing Campaign

May 29, 2023
CrowdStrike strategy dominates MDR Market

CrowdStrike strategy dominates MDR Market

May 28, 2023
TheCyberThrone Security Week In Review–May 27, 2023

TheCyberThrone Security Week In Review–May 27, 2023

May 28, 2023
Zyxel Patches Critical Buffer Overflow Vulnerability

Zyxel Patches Critical Buffer Overflow Vulnerability

May 27, 2023
%d bloggers like this: