CVE-2022-40709: Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability

First published: Wed Sep 28 2022(Updated: )

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708.

Credit: security@trendmicro.com security@trendmicro.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/references
• agent/type
• agent/first-publish-date
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/weakness
• agent/title
• agent/severity
• agent/author
• agent/last-modified-date
• agent/description
• agent/softwarecombine
• agent/tags
• agent/event
• collector/zdi-advisory
• source/ZDI
• alias/ZDI-22-1299
• alias/ZDI-CAN-16651
• alias/CVE-2022-40709
• vendor/trendmicro
• canonical/trendmicro deep security
• version/trendmicro deep security/20.0
• canonical/trendmicro deep security agent
• version/trendmicro deep security agent/20.0
• version/trendmicro deep security agent/20.0-update1337
• version/trendmicro deep security agent/20.0-update1559
• version/trendmicro deep security agent/20.0-update158
• version/trendmicro deep security agent/20.0-update167
• version/trendmicro deep security agent/20.0-update1681
• version/trendmicro deep security agent/20.0-update173
• version/trendmicro deep security agent/20.0-update180
• version/trendmicro deep security agent/20.0-update182
• version/trendmicro deep security agent/20.0-update1822
• version/trendmicro deep security agent/20.0-update183
• version/trendmicro deep security agent/20.0-update1876
• version/trendmicro deep security agent/20.0-update190
• version/trendmicro deep security agent/20.0-update198
• version/trendmicro deep security agent/20.0-update2009
• version/trendmicro deep security agent/20.0-update208
• version/trendmicro deep security agent/20.0-update213
• version/trendmicro deep security agent/20.0-update2204
• version/trendmicro deep security agent/20.0-update223
• version/trendmicro deep security agent/20.0-update224
• version/trendmicro deep security agent/20.0-update2419
• version/trendmicro deep security agent/20.0-update2593
• version/trendmicro deep security agent/20.0-update2740
• version/trendmicro deep security agent/20.0-update2921
• version/trendmicro deep security agent/20.0-update3165
• version/trendmicro deep security agent/20.0-update3288
• version/trendmicro deep security agent/20.0-update3445
• version/trendmicro deep security agent/20.0-update3530
• version/trendmicro deep security agent/20.0-update3771
• version/trendmicro deep security agent/20.0-update3964
• version/trendmicro deep security agent/20.0-update4185
• version/trendmicro deep security agent/20.0-update4416
• version/trendmicro deep security agent/20.0-update4726
• version/trendmicro deep security agent/20.0-update4959
• version/trendmicro deep security agent/20.0-update5137
• version/trendmicro deep security agent/20.0-update877
• vendor/microsoft
• canonical/microsoft windows
• vendor/trend micro
• canonical/trend micro deep security