CVE-2023-52338
Published: 23 January 2024
Summary
CVE-2023-52338 is a high-severity Link Following (CWE-59) vulnerability in Trendmicro Deep Security Agent. Its CVSS base score is 7.8 (High).
Operationally, ranked at the 35.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-56995
Vulnerability details
A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain…
more
the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.