### #TrendMicroUpdate #CVE2024 #ZeroDayInitiative
Summary: A critical vulnerability in Trend Micro’s Deep Security 20 Agent, identified as CVE-2024-51503, could allow attackers to execute arbitrary code on affected machines. The issue has been addressed in the latest update, and users are urged to upgrade promptly.
Threat Actor: Unknown | unknown
Victim: Trend Micro Users | Trend Micro
Key Point :
- The vulnerability arises from improper validation of user-supplied strings before executing system calls.
- Attackers need initial access and domain user privileges to exploit the vulnerability.
- Trend Micro has released an updated version of the Deep Security Agent to mitigate the issue.
- Users are advised to review remote access to critical systems and update their security policies.
A recently discovered vulnerability in the Trend Micro Deep Security 20 Agent could have allowed attackers to execute arbitrary code on affected machines. The vulnerability, identified as CVE-2024-51503, has been addressed in the latest update.
The vulnerability stemmed from a lack of proper validation of user-supplied strings before executing system calls. This could have allowed attackers with legitimate access to the domain to inject commands remotely to other machines within the same domain.
“The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM,” reads the security advisory.
Trend Micro emphasized that exploitation requires the attacker to meet certain conditions. These include having initial access to execute low-privileged code on the target system and possessing domain user privileges to affect other machines.
The vulnerability was responsibly disclosed by Simon Zuckerbraun of Trend Micro’s Zero Day Initiative (ZDI).
Trend Micro has released an updated version of the Deep Security Agent, version 20.0.1-21510, to address this vulnerability. Users of the Deep Security Agent are strongly encouraged to update to the latest version as soon as possible.
In addition to updating to the latest version, Trend Micro recommends that users review remote access to critical systems and ensure that their security policies and perimeter security are up-to-date.
Related Posts:
Source: https://securityonline.info/cve-2024-51503-trend-micro-deep-security-agent-rce-vulnerability-fixed