Vulnerability of Agent used for Host-based Security
Thank you for using Enterprise Cloud (ECL).
We inform you that the following vulnerabilities have been confirmed by Trend Micro in Agent used for Host-based security in Enterprise Cloud 2.0 (ECL2.0).
Please upgrade the Agent to address this vulnerability.
Vulnerability (CVE-2020-8607) related to input validation of rootkit protection driver
■ Vulnerability overview
A vulnerability has been confirmed in the rootkit protection driver installed in the Agent.
Exploiting this vulnerability could allow an attack by a malicious person.
In order to exploit this vulnerability, it is necessary to use an OS administrator account on the target device.
Please refer to the following URL for details.
■ Applicable services
■ Agents and versions that may be affected by the vulnerability
(The target of this vulnerability is Agent for Window OS only.)
The latest version available from the Security Control Panel (versions listed below) can be used as a countermeasure.
Please upgrade the Agent accordingly.
Agent Version: Deep Security Agent 11.0.0-1514
■Notes on Agent upgrade
– Please refer to the following URL for details on Agent upgrade procedure.
– You may need to restart the OS depending on your computer.
– After the version upgrade, please check that the version of the Agent has been upgraded on the Security Control Panel.