Trend Micro Deep Security™️およびDPIルール等の関連情報
- * indicates a new version of an existing rule
Deep Packet Inspection Rules:
CyberPanel
1012300* - CyberPanel Command Injection Vulnerability (CVE-2024-51378)
1012299* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-53376)
Ivanti Avalanche Remote Control Server
1012176* - Ivanti Avalanche Server-Side Request Forgery Vulnerability (CVE-2024-47008)
Ivanti Endpoint Manager
1012396* - Ivanti Endpoint Manager Credential Coercion Vulnerability (CVE-2024-13159)
JetBrains TeamCity
1012470 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-54534)
Web Application Common
1009975* - Sonatype Nexus Repository Manager OS Command Injection Vulnerability (CVE-2019-5475)
Web Application PHP Based
1012400* - WordPress 'Kubio AI Page Builder' Plugin Local File Inclusion Vulnerability (CVE-2025-2294)
1012313* - WordPress 'Ultimate Exporter' Plugin Command Injection Vulnerability (CVE-2024-56278)
Web Server Apache
1012305* - Chamilo Command Injection Vulnerabilities (CVE-2023-34960 and CVE-2023-3368)
Web Server Miscellaneous
1012449* - XWiki SQL Injection Vulnerability (CVE-2025-32429)
Wing FTP Server
1012410* - Wing FTP Server Remote Code Execution Vulnerability (CVE-2025-47812)
Zoho ManageEngine ADAuditPlus
1012467 - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2025-36527)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
Gogs
1012334* - Gogs Arbitrary File Delete Vulnerability (CVE-2024-39931)
1012331* - Gogs Path Traversal Vulnerability (CVE-2024-55947)
HPE Insight Remote Support Client
1012323* - HPE Insight Remote Support XML External Entity Injection Vulnerability (CVE-2024-11622)
JetBrains TeamCity
1012466 - JetBrains TeamCity Directory Traversal Vulnerability (CVE-2025-59456)
SimpleHelp Server
1012326* - SimpleHelp Directory Traversal Vulnerability (CVE-2024-57727)
SolarWinds Dameware Web Help Desk
1012463 - SolarWinds Web Help Desk Insecure Deserialization Vulnerability (CVE-2025-26399)
Web Server HTTPS
1012461 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-55296)
1012465 - Sitecore Experience Manager and Platform Authentication Bypass Vulnerability (CVE-2025-34509)
Web Server Nagios
1012275* - Nagios XI 'windows-winrm.inc.php' Command Injection Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1012456 - Microsoft Windows SMB Client Remote Code Execution Vulnerability (CVE-2025-54101)
Flowise
1012458 - Flowise Code Injection Vulnerability (CVE-2025-59528)
Oracle E-Business Suite Web Interface
1012464 - Oracle E-Business Suite CRLF Injection Vulnerability (CVE-2025-61882)
Remote Desktop Server Websocket
1012325* - Microsoft Windows Remote Desktop Protocol Remote Code Execution Vulnerability (CVE-2024-49116)
SolarWinds Orion Platform
1012316* - SolarWinds Orion Platform Server-Side Request Forgery Vulnerability (CVE-2024-52606)
Web Client HTTPS
1012457 - Microsoft Windows File Explorer Spoofing Vulnerability (CVE-2025-50154)
Web Server HTTPS
1012322* - Apache Camel Command Injection Vulnerabilities (CVE-2025-29891 and CVE-2025-27636)
1012319* - Centreon SQL Injection Vulnerability (CVE-2024-55573)
1012462 - PivotX CMS Stored Cross-Site Scripting Vulnerability (CVE-2025-52367)
Windows SMB Client
1012459 - Restrict PDF Documents With Embedded Executable Files Over SMB
Integrity Monitoring Rules:
1011152* - Microsoft Windows - Active directory files modified (ATT&CK T1552.006)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
HP AutoPass License Server
1012228* - HPE AutoPass License Server Authentication Bypass Vulnerability (CVE-2024-51767)
HP Intelligent Management Center (IMC)
1012451 - Apache OFBiz Argument Injection Vulnerability (CVE-2025-54466) - 1
1012452 - Apache OFBiz Argument Injection Vulnerability (CVE-2025-54466) - 2
SAP NetWeaver Java Application Server
1012455 - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2017-12637)
Unix Samba
1012454 - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-22037)
Web Application Common
1005934* - Identified Suspicious Command Injection Attack
Web Application PHP Based
1012261* - WordPress 'Drag and Drop Multiple File Upload - Contact Form 7' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-0595)
1012259* - WordPress 'VR Calendar' Plugin Command Injection Vulnerability (CVE-2022-2314)
Web Server HTTPS
1012262* - Veritas Enterprise Vault Cross-Site Scripting Vulnerability (CVE-2024-52943)
Web Server Miscellaneous
1012449 - XWiki SQL Injection Vulnerability (CVE-2025-32429)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * indicates a new version of an existing rule
Deep Packet Inspection Rules:
CyberPanel
1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
Ivanti Endpoint Manager
1012245* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-34783)
Web Application PHP Based
1012243* - MediaWiki CSS Extension Path Traversal Vulnerability (CVE-2024-47841)
Web Application Tomcat
1012251* - LibreNMS Command Injection Vulnerability (CVE-2024-51092)
Web Client HTTPS
1012446 - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2025-54261)
1012450 - Identified NPM Supply Chain Data Exfiltration Attack (Shai-hulud)
1012440 - Microsoft Windows WMPhoto Heap Buffer Overflow Vulnerability (CVE-2025-29962)
Web Server HTTPS
1012448 - Microsoft Windows KDC Proxy Use After Free Vulnerability (CVE-2025-33071)
1012453 - Sitecore Experience Manager and Platform Cache Poisoning Vulnerability (CVE-2025-53693)
Web Server Miscellaneous
1012258* - XWiki Information Disclosure Vulnerability (CVE-2023-50719)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update. - * は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
CyberPanel
1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
HPE Insight Remote Support
1012317* - HPE Insight Remote Support XML External Entity Injection Vulnerability (CVE-2024-53675)
JetBrains TeamCity
1012443 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2025-52879)
WSO2
1012342* - WSO2 API Manager Documentation Arbitrary File Upload Vulnerability
Webアプリケーション PHP
1012361* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2022-4068)
1012339* - WordPress 'WP Shortcodes' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2025-0370)
1012343* - WordPress 'WP Umbrella' Plugin Local File Inclusion Vulnerability (CVE-2024-12209)
Webサーバ HTTPS
1012445 - FreePBX SQL Injection Vulnerability (CVE-2025-57819)
Webサーバ SharePoint
1012390* - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2025-49706 and CVE-2025-53771)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
1011453* - Microsoft Windows WMI Events - 1 - * は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
Remote Desktop Protocol Server
1012383 - Identified RDS Local Resource Redirection Attempt
1012380 - Identified Suspicious File Transfer From RDP Redirect Drive
1007969* - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt (ATT&CK T1110, T1021.001)
Unix Samba
1012437 - Linux Kernel KSMBD NULL Pointer Dereference Vulnerability (CVE-2025-38191)
Webアプリケーション 共通
1012352* - Pandora FMS Command Injection Vulnerability (CVE-2024-12971)
Webアプリケーション PHP
1012436 - WonderCMS Reflected Cross Site Scripting Vulnerability (CVE-2023-41425)
1012344* - WordPress 'Beautiful Taxonomy Filters' Plugin SQL Injection Vulnerability (CVE-2024-12270)
1012368* - WordPress 'WP Hotel Booking' Plugin SQL Injection Vulnerability (CVE-2023-5652)
1012347* - WordPress 'WP Load Gallery' Plugin Arbitrary File Upload Vulnerability (CVE-2025-23942)
Webクライアント 共通
1012432 - Trend Micro Worry-Free Business Security Missing Authentication Vulnerability (CVE-2025-53378)
Webサーバ HTTPS
1012435 - ZendTo Directory Traversal Vulnerability (CVE-2025-34508)
Webサーバ SharePoint
1012390* - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2025-49706 and CVE-2025-53771)
1012442 - Microsoft SharePoint Server-Side Request Forgery Vulnerability (CVE-2025-53760)
Windowsサービス RPCクライアント DCERPC
1012441 - Microsoft Windows NTLM Privilege Escalation Vulnerability (CVE-2025-54918)
pgAdmin
1012349* - pgAdmin Remote Code Execution Vulnerability (CVE-2025-2945)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
今回のセキュリティアップデートには、新規のセキュリティログ監視ルールおよび更新は含まれておりません。 - * は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
Ivanti Endpoint Manager
1012253* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32848 and CVE-2024-13162)
OneDevサーバ
1012270* - OneDev Arbitrary File Read Vulnerability (CVE-2024-45309)
OpenSSL
1012310* - OpenSSL Denial of Service Vulnerability (CVE-2024-6119) - Server
Unix RSync
1012430 - Rsync Information Disclosure Vulnerability (CVE-2024-12085)
Webアプリケーション PHP
1012308* - WordPress 'Hunk Companion' Plugin Broken Access Control Vulnerability (CVE-2024-11972)
1012431 - WordPress 'WPvivid Backup' Plugin Arbitrary File Upload Vulnerability (CVE-2025-5961)
Webサーバ その他
1012315* - Zimbra Collaboration SQL Injection Vulnerability (CVE-2025-25064)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
1004057* - Microsoft Windows Security Events - 1 - * は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
Adobe Experience Manager
1012427 - Adobe Experience Manager Remote Code Execution Vulnerability (CVE-2025-54253)
CyberPanel
1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
GhostCMS
1012434 - Ghost CMS Directory Traversal Vulnerability (CVE-2023-32235)
Ivanti Endpoint Manager
1012345* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2025-22461)
JetBrains TeamCity
1012429 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52876)
メールサーバ 共通
1012173* - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009)
Webアプリケーション PHP
1012247* - WordPress 'Super Backup & Clone' Plugin Arbitrary File Upload Vulnerability (CVE-2024-9290)
Webアプリケーション Tomcat
1012251* - LibreNMS Command Injection Vulnerability (CVE-2024-51092)
Webサーバ HTTPS
1012353* - Cacti SQL Injection Vulnerability (CVE-2024-54146)
1012233* - WordPress 'FundEngine Donation and Crowdfunding Platform' SQL Injection Vulnerability (CVE-2022-0788)
1012320* - WordPress 'KiviCare' Plugin SQL Injection Vulnerability (CVE-2024-11728)
1012224* - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)
1012223* - WordPress Core Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2024-31210)
1012365* - Zabbix SQL Injection Vulnerability (CVE-2024-36465)
Webサーバ Nagios
1012329* - Nagios XI SQL Injection Vulnerability (CVE-2023-48084)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
1012433 - Group Managed Service Account Password Access Attempt
1002795* - Microsoft Windows Events - * は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
FTPサーバ IIS
1012386 - SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-45711)
Ivanti Endpoint Manager
1012214* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32847 and CVE-2024-37376)
1012211* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
1012213* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32841)
JetBrains TeamCity
1012420 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52877)
Splunk API
1012422 - Splunk Enterprise Reflected Cross-Site Scripting Vulnerability (CVE-2025-20297)
Trend Micro OfficeScan
1012202* - Trend Micro Apex One SQL Injection Vulnerability (CVE-2024-39753)
Webアプリケーション PHP
1012416 - WordPress 'AIT CSV Import/Export' Plugin Arbitrary File Upload Vulnerability (CVE-2020-36849)
1012428 - WordPress 'Web Directory Free' Plugin SQL Injection Vulnerability (CVE-2024-3552)
Webクライアント HTTPS
1012419 - Microsoft Windows Management Console Security Feature Bypass Vulnerability (CVE-2025-26633)
Webサーバ Adobe ColdFusion
1012414 - Adobe ColdFusion Command Injection Vulnerability (CVE-2025-43562)
Webサーバ HTTPS
1012170* - Centreon SQL Injection Vulnerability (CVE-2024-39842 and CVE-2024-39843)
変更監視(Integrity Monitoring)ルール:
今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。
セキュリティログ監視(Log Inspection)ルール:
今回のセキュリティアップデートには、新規のセキュリティログ監視ルールおよび更新は含まれておりません。