- Description
- A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to remotely inject commands to other machines in the same domain. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability locally and must have domain user privileges to affect other machines.
- Source
- security@trendmicro.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8
- Impact score
- 6
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
- security@trendmicro.com
- CWE-78
- Hype score
- Not currently trending
Trend Micro Deep Security Agent の RCE 脆弱性 CVE-2024-51503 が FIX:直ちにアップデートを! https://t.co/pdEf7vca9I #RCE #TrendMicro #DeepSecurity #Vulnerability #ZDI
@iototsecnews
2 Dec 2024
87 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2024.11.22 セキュリティニュースアラート Trend Micro Deep Security Agentに深刻な脆弱性 早急な対応を(会員限定) - ITmedia エンタープライズ Trend MicroはTrend Micro Deep Security Agentに深刻な脆弱性(CVE-2024-51503)が存在すると発表した。この脆弱性はリモ… https://t.co/woeZP9uogx
@kawn2020
25 Nov 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
آسیب پذیری جدیدی با کد شناسایی CVE-2024-51503 و از نوع RCE برای محصول Trend micro منتشر شده است. علت این آسیب پذیری فیچر Deep Security در این محصول می باشد. ورژن های قبل از 20.0.1-21510 این محصول دارای این آسیب پذیری هستند . https://t.co/Poz3aKY03t https://t.co/R9F01hPdiV
@AmirHossein_sec
24 Nov 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-51503: Trend Micro Deep Security Agent RCE Vulnerability Fixed https://t.co/oerm2ErCff
@Dinosn
20 Nov 2024
2704 Impressions
9 Retweets
27 Likes
7 Bookmarks
0 Replies
0 Quotes
トレンドマイクロのTrend Micro Deep Security Agentに遠隔コード実行の脆弱性。CVE-2024-51503はユーザーからの文字列をシステムコールに用いる際の検証不備で、ドメインに正規のアクセスが可能な攻撃者が遠隔からコマンドをインジェクションし、SYSTEM権限で実行可能。 https://t.co/VFbALMI3UQ
@__kokumoto
20 Nov 2024
4576 Impressions
21 Retweets
45 Likes
9 Bookmarks
0 Replies
1 Quote
CVE-2024-51503 A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbi… https://t.co/YkQwOVLe0B
@CVEnew
20 Nov 2024
135 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SECURITY BULLETIN: Trend Micro Deep Security 20 Agent Manual Scan Command Injection RCE Vulnerability (CVE-2024-51503) https://t.co/Ta4XBlbb7f
@autumn_good_35
19 Nov 2024
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes