CVE-2025-30642: 
Trend Micro Deep Security Agent vulnerability analysis and mitigation

CVE-2025-30642 is a link following vulnerability discovered in Trend Micro Deep Security 20.0 agents, disclosed on April 9, 2025. The vulnerability affects versions before 20.0.1-25770 of the Deep Security Agent on Windows platforms and has been assigned a CVSS v3.1 base score of 5.5 (Medium). The vulnerability was reported by NT AUTHORITY\ANONYMOUS LOGON through Trend Micro's Zero Day Initiative (ZDI Advisory, Trend Advisory).

The vulnerability exists within the Damage Cleanup Engine component and is classified as CWE-59 (Improper Link Resolution Before File Access). The specific flaw allows an attacker to abuse the component by creating a junction that can be used to delete a file. The vulnerability has a CVSS v3.1 vector string of AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating local access requirements and high impact on system availability (ZDI Advisory, Wiz Analysis).

When successfully exploited, this vulnerability leads to a denial-of-service (DoS) condition on the affected system. The impact is specifically limited to system availability, with no direct effect on confidentiality or integrity of the system (Trend Advisory, Wiz Analysis).

Trend Micro has released version 20.0.1-25770 (20 LTS Update 2024-12-10) to address this vulnerability. Users are strongly encouraged to update to the latest version as soon as possible. Additionally, organizations should review remote access to critical systems and ensure policies and perimeter security are up-to-date (Trend Advisory).