A privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an authenticated entity with certain unrestricted AWS execution privileges to escalate to full privileges within the target AWS account.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HTrendmicro Deep Security As A Service
APPTrendmicrowszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
Related vulnerabilities
CVE-2025-54948CRITICAL9.4⚠ KEVPL ✓ten sam vendor
Command injection w Trend Micro Apex One – RCE bez uwierzytelnienia
CVE-2022-26871CRITICAL9.8⚠ KEVten sam vendor
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attac...
CVE-2020-8599CRITICAL9.8⚠ KEVten sam vendor
Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote a...
CVE-2025-69258CRITICAL9.8PL ✓ten sam vendor
Krytyczna podatność LoadLibraryEX w Trend Micro Apex Central — RCE jako SYSTEM
CVE-2025-54987CRITICAL9.4PL ✓ten sam vendor
RCE w Trend Micro Apex One – command injection bez uwierzytelnienia