CVE-2025-30641

A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://success.trendmicro.com/en-US/solution/KA-0019344	Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-25-240/	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:trendmicro:deep_security_agent:::::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:-:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update12510:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update14610:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update17380:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update19250:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update21510:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update23340:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update3180:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update4540:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update690:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update7380:::long_term_support:::*
	cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update9400:::long_term_support:::*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

09 Sep 2025, 14:45

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad que sigue un enlace en la solución antimalware de los agentes de Trend Micro Deep Security 20.0 podría permitir a un atacante local escalar privilegios en las instalaciones afectadas. Nota: Para explotar esta vulnerabilidad, un atacante debe primero ejecutar código con pocos privilegios en el sistema objetivo.
First Time		Microsoft windows Trendmicro Microsoft Trendmicro deep Security Agent
References	~~() https://success.trendmicro.com/en-US/solution/KA-0019344 -~~	() https://success.trendmicro.com/en-US/solution/KA-0019344 - Vendor Advisory
References	~~() https://www.zerodayinitiative.com/advisories/ZDI-25-240/ -~~	() https://www.zerodayinitiative.com/advisories/ZDI-25-240/ - Third Party Advisory
CPE		cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update7380:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:::::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update690:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update23340:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update21510:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update4540:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update3180:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update9400:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update14610:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update19250:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update12510:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:update17380:::long_term_support:::* cpe:2.3:a:trendmicro:deep_security_agent:20.0.1:-:::long_term_support:::*

17 Jun 2025, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-17 21:15

Updated : 2025-09-09 14:45

NVD link : CVE-2025-30641

Mitre link : CVE-2025-30641

CVE.ORG link : CVE-2025-30641

JSON object : View

Products Affected

microsoft

windows

trendmicro

deep_security_agent

CWE

CWE-59

Improper Link Resolution Before File Access ('Link Following')

7.8 /10