CVE-2025-30641
Severity CVSS v4.0:
Pending analysis
Type:
CWE-59
Link Following
Publication date:
17/06/2025
Last modified:
09/09/2025
Description
A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations.<br />
<br />
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:trendmicro:deep_security_agent:*:*:*:*:long_term_support:*:*:* | 20.0.1 (excluding) | |
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:-:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update12510:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update14610:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update17380:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update19250:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update21510:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update23340:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update3180:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update4540:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update690:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update7380:*:*:long_term_support:*:*:* | ||
| cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update9400:*:*:long_term_support:*:*:* | ||
| cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page