Primary

Context

Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability

Vulnerability

Patched

A link following vulnerability has been identified in Trend Micro Deep Security Agent version 20.0, prior to 20.0.1-25770, on Windows. This vulnerability allows local attackers to escalate privileges on affected systems. To exploit this issue, an attacker must first have the ability to execute low-privileged code on the target machine.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to execute arbitrary code with SYSTEM rights.

Remediation

Users are advised to update to Trend Micro Deep Security Agent version 20.0.1-25770 or later. This update is available now. For additional guidance, consult the Trend Micro Download Center.

Added: Jun 17, 2025, 9:49 PM

Updated: Jun 17, 2025, 9:49 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

10.0

exploitability

3.5

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

10.0

exploitability

3.5

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Trend Micro Deep Security Agent

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating