Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2019-20358

Published: 30/01/2020 Updated: 21/07/2021
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Anti-threat Toolkit

Vulnerability Summary

Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an malicious user to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. Another attack vector similar to CVE-2019-9491 was idenitfied and resolved in version 1.62.0.1228 of the tool.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

trendmicro anti-threat_toolkit

Exploits

Exploit DB: TrendMicro Anti-Threat Toolkit Improper Fix
The fix that was applied to address a code execution vulnerability in Trend Micro Anti-Threat Toolkit (ATTK) was insufficient ...

Mailing Lists

Full Disclosure: [CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> [CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED <!--X-Subject-Header-E ...

References

CWE-427CWE-426CWE-732https://success.trendmicro.com/solution/000149878https://seclists.org/bugtraq/2020/Jan/55http://seclists.org/fulldisclosure/2020/Jan/50https://nvd.nist.govhttps://packetstormsecurity.com/files/156160/TrendMicro-Anti-Threat-Toolkit-Improper-Fix.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook