CVE-2019-15627

Name of the Vulnerable Software and Affected Versions Trend Micro Deep Security Agent versions 10.0 through 12.0

Description The issue is related to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. The vulnerability is associated with incorrect link resolution before file access, allowing an attacker to delete arbitrary files. Only Windows agents are affected.

Recommendations For versions 10.0 through 12.0, consider restricting local OS access to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.