CVE-2024-55955

MEDIUM6.7/ 10.0
Share:
Published: December 31, 2024 at 05:15 PM
Modified: September 9, 2025 at 02:45 PM
Source: security@trendmicro.com

Vulnerability Description

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVSS Metrics

Base Score
6.7
Severity
MEDIUM
Vector String
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-427
Source: security@trendmicro.com
CWE-732
Source: nvd@nist.gov

References & Intelligence

https://success.trendmicro.com/en-US/solution/KA-0018571
Source: security@trendmicro.com
Vendor Advisory

Related Resources

Browse CVE Database
Search 294,000+ vulnerabilities
CVEs from 2024
View all vulnerabilities this year
CWE Database
Explore weakness categories
Security Writeups
Learn from real-world examples
About 4nuxd
Cybersecurity research & tools
Homepage
Explore more security resources