Recently, the cloud security software firm Trend Micro rolled out several patches to resolve vulnerabilities in their Deep Security and Cloud One Workload solutions for Ubuntu agents. These vulnerabilities are tracked as CVE-2022-23119 and CVE-2022-23120. Barracuda MSP recommends updating these services as soon as possible to ensure that the patches can be properly applied.
Technical Detail & Additional Information
WHAT IS THE THREAT?
- CVE-2022-23119 Directory Traversal Vulnerability: This vulnerability exists in both Deep Security and Cloud one. It could allow an attacker to read arbitrary files on a file system.
- CVE-2022-23120 Code Injection Local Privilege Escalation Vulnerability: This vulnerability exists in both Deep Security and Cloud one. It could allow attackers to escalate to root privileges and execute arbitrary code.
WHY IS IT NOTEWORTHY?
Trend Micro products are utilized worldwide by businesses, universities, and individuals. Trend Micro clients rely on these products to keep sensitive data secure, and business critical devices running uninfected. These products exist to offer extra security for a business and their devices because when a situation exists where they are creating vulnerabilities, it can have a sizable impact for a business very quickly if not handled properly. It is important to keep all services updated regularly on business-critical devices to ensure that all security patches are applied upon their release.
WHAT IS THE EXPOSURE OR RISK?
When vulnerabilities are discovered on a service which is used by many devices within an organization, the risk is high. These specific vulnerabilities could potentially allow attackers to access sensitive information, escalate privileges, and execute arbitrary code. This could lead to compromises like data leakage, denial of service attacks, the deletion or creation of files and even complete system compromises. Trend Micro products are used by businesses with the goal of keeping their devices safe from attackers. These vulnerabilities put that expectation at risk, so it is very important to make sure that all Deep Security and Cloud One services are updated to allow for patches to be applied.
WHAT ARE THE RECOMMENDATIONS?
Barracuda MSP recommends ensuring that all Trend Micro Deep Security Ubuntu agents running versions 20 and below are updated immediately to address these vulnerabilities and reduce cyber risk.
For more in-depth information about the recommendations, please visit the following links:
If you have any questions, please contact our Security Operations Center.