Trend Micro Deep Security™ and related information such as DPI rules

  • 25-040 (September 30, 2025)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    HP AutoPass License Server
    1012228* - HPE AutoPass License Server Authentication Bypass Vulnerability (CVE-2024-51767)


    HP Intelligent Management Center (IMC)
    1012451 - Apache OFBiz Argument Injection Vulnerability (CVE-2025-54466) - 1
    1012452 - Apache OFBiz Argument Injection Vulnerability (CVE-2025-54466) - 2


    SAP NetWeaver Java Application Server
    1012455 - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2017-12637)


    Unix Samba
    1012454 - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-22037)


    Web Application Common
    1005934* - Identified Suspicious Command Injection Attack


    Web Application PHP Based
    1012261* - WordPress 'Drag and Drop Multiple File Upload - Contact Form 7' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0595)
    1012259* - WordPress 'VR Calendar' Plugin Command Injection Vulnerability (CVE-2022-2314)


    Web Server HTTPS
    1012262* - Veritas Enterprise Vault Cross-Site Scripting Vulnerability (CVE-2024-52943)


    Web Server Miscellaneous
    1012449 - XWiki SQL Injection Vulnerability (CVE-2025-32429)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • 25-039 (September 23, 2025)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    CyberPanel
    1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)


    Ivanti Endpoint Manager
    1012245* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-34783)


    Web Application PHP Based
    1012243* - MediaWiki CSS Extension Path Traversal Vulnerability (CVE-2024-47841)


    Web Application Tomcat
    1012251* - LibreNMS Command Injection Vulnerability (CVE-2024-51092)


    Web Client HTTPS
    1012446 - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2025-54261)
    1012450 - Identified NPM Supply Chain Data Exfiltration Attack (Shai-hulud)
    1012440 - Microsoft Windows WMPhoto Heap Buffer Overflow Vulnerability (CVE-2025-29962)


    Web Server HTTPS
    1012448 - Microsoft Windows KDC Proxy Use After Free Vulnerability (CVE-2025-33071)
    1012453 - Sitecore Experience Manager and Platform Cache Poisoning Vulnerability (CVE-2025-53693)


    Web Server Miscellaneous
    1012258* - XWiki Information Disclosure Vulnerability (CVE-2023-50719)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    CyberPanel
    1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)


    HPE Insight Remote Support
    1012317* - HPE Insight Remote Support XML External Entity Injection Vulnerability (CVE-2024-53675)


    JetBrains TeamCity
    1012443 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2025-52879)


    WSO2
    1012342* - WSO2 API Manager Documentation Arbitrary File Upload Vulnerability


    Web Application PHP Based
    1012361* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2022-4068)
    1012339* - WordPress 'WP Shortcodes' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2025-0370)
    1012343* - WordPress 'WP Umbrella' Plugin Local File Inclusion Vulnerability (CVE-2024-12209)


    Web Server HTTPS
    1012445 - FreePBX SQL Injection Vulnerability (CVE-2025-57819)


    Web Server SharePoint
    1012390* - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2025-49706 and CVE-2025-53771)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1011453* - Microsoft Windows WMI Events - 1
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Remote Desktop Protocol Server
    1012383 - Identified RDS Local Resource Redirection Attempt
    1012380 - Identified Suspicious File Transfer From RDP Redirect Drive
    1007969* - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt (ATT&CK T1110, T1021.001)


    Unix Samba
    1012437 - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-38191)


    Web Application Common
    1012352* - Pandora FMS Command Injection Vulnerability (CVE-2024-12971)


    Web Application PHP Based
    1012436 - WonderCMS Reflected Cross Site Scripting Vulnerability (CVE-2023-41425)
    1012344* - WordPress 'Beautiful Taxonomy Filters' Plugin SQL Injection Vulnerability (CVE-2024-12270)
    1012368* - WordPress 'WP Hotel Booking' Plugin SQL Injection Vulnerability (CVE-2023-5652)
    1012347* - WordPress 'WP Load Gallery' Plugin Arbitrary File Upload Vulnerability (CVE-2025-23942)


    Web Client Common
    1012432 - Trend Micro Worry-Free Business Security Missing Authentication Vulnerability (CVE-2025-53378)


    Web Server HTTPS
    1012435 - ZendTo Directory Traversal Vulnerability (CVE-2025-34508)


    Web Server SharePoint
    1012390* - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2025-49706 and CVE-2025-53771)
    1012442 - Microsoft SharePoint Server-Side Request Forgery Vulnerability (CVE-2025-53760)


    Windows Services RPC Client DCERPC
    1012441 - Microsoft Windows NTLM Privilege Escalation Vulnerability (CVE-2025-54918)


    pgAdmin
    1012349* - pgAdmin Remote Code Execution Vulnerability (CVE-2025-2945)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Ivanti Endpoint Manager
    1012253* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32848 and CVE-2024-13162)


    OneDev Server
    1012270* - OneDev Arbitrary File Read Vulnerability (CVE-2024-45309)


    OpenSSL
    1012310* - OpenSSL Denial of Service Vulnerability (CVE-2024-6119) - Server


    Unix RSync
    1012430 - Rsync Information Disclosure Vulnerability (CVE-2024-12085)


    Web Application PHP Based
    1012308* - WordPress 'Hunk Companion' Plugin Broken Access Control Vulnerability (CVE-2024-11972)
    1012431 - WordPress 'WPvivid Backup' Plugin Arbitrary File Upload Vulnerability (CVE-2025-5961)


    Web Server Miscellaneous
    1012315* - Zimbra Collaboration SQL Injection Vulnerability (CVE-2025-25064)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1004057* - Microsoft Windows Security Events - 1
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Adobe Experience Manager
    1012427 - Adobe Experience Manager Remote Code Execution Vulnerability (CVE-2025-54253)


    CyberPanel
    1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)


    GhostCMS
    1012434 - Ghost CMS Directory Traversal Vulnerability (CVE-2023-32235)


    Ivanti Endpoint Manager
    1012345* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2025-22461)


    JetBrains TeamCity
    1012429 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52876)


    Mail Server Common
    1012173* - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009)


    Web Application PHP Based
    1012247* - WordPress 'Super Backup & Clone' Plugin Arbitrary File Upload Vulnerability (CVE-2024-9290)


    Web Application Tomcat
    1012251* - LibreNMS Command Injection Vulnerability (CVE-2024-51092)


    Web Server HTTPS
    1012353* - Cacti SQL Injection Vulnerability (CVE-2024-54146)
    1012233* - WordPress 'FundEngine Donation and Crowdfunding Platform' SQL Injection Vulnerability (CVE-2022-0788)
    1012320* - WordPress 'KiviCare' Plugin SQL Injection Vulnerability (CVE-2024-11728)
    1012224* - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)
    1012223* - WordPress Core Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2024-31210)
    1012365* - Zabbix SQL Injection Vulnerability (CVE-2024-36465)


    Web Server Nagios
    1012329* - Nagios XI SQL Injection Vulnerability (CVE-2023-48084)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1012433 - Group Managed Service Account Password Access Attempt
    1002795* - Microsoft Windows Events
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    FTP Server IIS
    1012386 - SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-45711)


    Ivanti Endpoint Manager
    1012214* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32847 and CVE-2024-37376)
    1012211* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
    1012213* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32841)


    JetBrains TeamCity
    1012420 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52877)


    Splunk API
    1012422 - Splunk Enterprise Reflected Cross-Site Scripting Vulnerability (CVE-2025-20297)


    Trend Micro OfficeScan
    1012202* - Trend Micro Apex One SQL Injection Vulnerability (CVE-2024-39753)


    Web Application PHP Based
    1012416 - WordPress 'AIT CSV Import/Export' Plugin Arbitrary File Upload Vulnerability (CVE-2020-36849)
    1012428 - WordPress 'Web Directory Free' Plugin SQL Injection Vulnerability (CVE-2024-3552)


    Web Client HTTPS
    1012419 - Microsoft Windows Management Console Security Feature Bypass Vulnerability (CVE-2025-26633)


    Web Server Adobe ColdFusion
    1012414 - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-43562)


    Web Server HTTPS
    1012170* - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Kubernetes Ingress-Nginx Controller
    1012367* - Kubernetes Ingress-Nginx Multiple Code Injection Vulnerabilities


    Mail Server Postfix
    1012235* - Zimbra Collaboration Command Injection Vulnerability (CVE-2024-45519)


    Progress WhatsUp Gold
    1012242* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46906)


    Redis Server
    1012413 - Redis Out of Bound Write Vulnerability (CVE-2025-32023)


    Trend Micro OfficeScan
    1012421 - Trend Micro Apex One Command Injection Vulnerability (CVE-2025-54948 and CVE-2025-54987)


    Web Application PHP Based
    1012247* - WordPress 'Super Backup & Clone' Plugin Arbitrary File Upload Vulnerability (CVE-2024-9290)


    Web Client HTTPS
    1012418 - MCP-Remote Command Injection Vulnerability (CVE-2025-6514)


    Web Server HTTPS
    1012241* - Cacti Stored Cross-Site Scripting Vulnerabilities (CVE-2024-43364 and CVE-2024-43365)
    1012224* - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)


    Web Server SharePoint
    1012423 - Microsoft SharePoint Server Denial-of-Service Vulnerability (ZDI-CAN-25207)
    1012424 - Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability (ZDI-CAN-24831)


    Windows Services RPC Client DCERPC
    1012425 - Microsoft Windows NTLM Elevation Of Privilege Vulnerability (CVE-2025-53778)


    Integrity Monitoring Rules:

    1002770* - Linux/Unix - File attributes in the /usr/bin and /usr/sbin directories modified


    Log Inspection Rules:

    1008670* - Microsoft Windows Security Events - 3
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    HPE Insight Remote Support
    1012304* - HPE Insight Remote Support Directory Traversal Vulnerability (CVE-2024-53676)


    Ivanti Avalanche
    1012411 - Ivanti Avalanche Enterprise Service Arbitrary File Upload Vulnerability (CVE-2021-42125)


    Progress WhatsUp Gold
    1012237* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46905)


    SolarWinds Dameware Web Help Desk
    1012127* - SolarWinds Dameware Web Help Desk Multiple Deserialization Remote Code Execution Vulnerabilities (CVE-2024-28986 and CVE-2024-28988)


    Unix Samba
    1012409 - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2025-37778)


    Web Application PHP Based
    1012307* - WordPress 'Tutor LMS' Plugin SQL Injection Vulnerability (CVE-2024-10400)
    1012313* - WordPress 'Ultimate Exporter' Plugin Command Injection Vulnerability (CVE-2024-56278)


    Web Server Adobe ColdFusion
    1012405 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49541)
    1012407 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49542)
    1012406 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49543)


    Windows SMB Server
    1012394* - Microsoft Windows NEGOEX Remote Code Execution Vulnerability (CVE-2025-47981)


    Wing FTP Server
    1012410* - Wing FTP Server Remote Code Execution Vulnerability (CVE-2025-47812)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    CyberPanel
    1012300* - CyberPanel Command Injection Vulnerability (CVE-2024-51378)
    1012299* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-53376)


    PaperCut
    1012415 - PaperCut NG and MF Cross-Site Request Forgery Vulnerability (CVE-2023-2533)


    Progress WhatsUp Gold
    1012239* - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46907)


    Web Application PHP Based
    1012401 - WordPress 'Depicter' Plugin SQL Injection Vulnerability (CVE-2025-2011)
    1012301* - WordPress 'Quiz Maker' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2023-2571)


    Web Server Adobe ColdFusion
    1012408 - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-49537)
    1012404* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49540)


    Web Server Common
    1012412 - Bypass Network Scanner Traffic - XFF


    Web Server HTTPS
    1012354* - Craft CMS Remote Code Execution Vulnerability (CVE-2025-32432)
    1012292* - Zabbix SQL Injection Vulnerability (CVE-2024-42327)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.