Affected Version(s)
| Product | Affected Version(s) | Platform | Language(s) |
|---|---|---|---|
| Deep Discovery Inspector (DDI) | 6.5 - 6.8 SP2 | Appliance | English |
Solution
Trend Micro has released the following solutions, which update the OpenSSL component in DDI to versions 3.0.19 and 3.5.5 to address the issue:
| Product | Updated version | Platform | Availability |
|---|---|---|---|
| DDI | 6.5 build 1197 | Appliance | Now Available |
| DDI | 6.6 build 1107 | Appliance | Now Available |
| DDI | 6.7 build 1116 | Appliance | Now Available |
| DDI | 6.7 SP1 build 1093 | Appliance | Now Available |
| DDI | 6.8 build 1139 | Appliance | Now Available |
| DDI | 6.8 SP1 build 1135 | Appliance | Now Available |
| DDI | 6.8 SP2 build 1053 | Appliance | Now Available |
These are the minimum recommended version(s) of the patches and/or builds required to address the issue. Trend Micro highly encourages customers to obtain the latest version of the product if there is a newer one available than the one listed in this bulletin.
Customers are encouraged to visit Trend Micro’s Download Center to obtain prerequisite software (such as Service Packs) and the patches themselves to apply any of the solutions above.
Vulnerability Details
CVE-2025-15467: Stack buffer overflow in CMS (Auth)EnvelopedData parsing
Parsing a CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow.
Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution.
Reference
- CVE-2025-15467 (CVE.org)
