Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2019-9491

Published: 21/10/2019 Updated: 07/11/2023
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Trendmicro

Vulnerability Summary

Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an malicious user to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

trendmicro anti-threat_toolkit

Exploits

Exploit DB: TrendMicro Anti-Threat Toolkit Improper Fix
The fix that was applied to address a code execution vulnerability in Trend Micro Anti-Threat Toolkit (ATTK) was insufficient ...
Exploit DB: Trend Micro Anti-Threat Toolkit (ATTK) 1.62.0.1218 Remote Code Execution
Trend Micro Anti-Threat Toolkit (ATTK) versions 16201218 and below suffer from a remote code execution vulnerability ...

Mailing Lists

Full Disclosure: [CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> [CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED <!--X-Subject-Header-E ...
Full Disclosure: Trend Micro Anti-Threat Toolkit (ATTK) <= v1.62.0.1218 Remote Code Execution 0day CVE-2019-9491
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Trend Micro Anti-Threat Toolkit (ATTK) &lt;= v16201218 Remote Code Execution 0day CVE-2019-9491 <!--X-Subject-Heade ...

Recent Articles

ATTK of the Pwns: Trend Micro's antivirus tools 'will run malware – if its filename is cmd.exe'
The Register • Shaun Nichols in San Francisco • 21 Oct 2019

Try not to save files to your Windows PC called cmd.exe or regedit.exe Deus ex hackina: It took just 10 minutes to find data-divulging demons corrupting Pope's Click to Pray eRosary app

Video A flaw in the Trend Micro Anti-Threat Toolkit can be exploited by hackers to run malware on victims' Windows computers. Bug-hunter John "hyp3rlinx" Page took credit for uncovering CVE-2019-9491, an arbitrary code execution flaw in the security tool. In short, the Trend software can be tricked into executing any old piece of software under the sun, including malware, when it is scanned, provided the filename is cmd.exe or regedit.exe. No, really. "Trend Micro Anti-Threat Toolkit (ATTK) will...

Read more...

References

CWE-427https://success.trendmicro.com/solution/000149878https://seclists.org/bugtraq/2019/Oct/30http://seclists.org/fulldisclosure/2019/Oct/42https://seclists.org/bugtraq/2020/Jan/55http://packetstormsecurity.com/files/156160/TrendMicro-Anti-Threat-Toolkit-Improper-Fix.htmlhttp://seclists.org/fulldisclosure/2020/Jan/50http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-%28ATTK%29-REMOTE-CODE-EXECUTION.txthttps://nvd.nist.govhttps://www.theregister.co.uk/2019/10/21/flaw_trend_micro/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook