Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2019-9491

Published: 21/10/2019 Updated: 07/11/2023
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an malicious user to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

trendmicro anti-threat toolkit

Exploits

Exploit DB: TrendMicro Anti-Threat Toolkit Improper Fix
The fix that was applied to address a code execution vulnerability in Trend Micro Anti-Threat Toolkit (ATTK) was insufficient ...
Exploit DB: Trend Micro Anti-Threat Toolkit (ATTK) 1.62.0.1218 Remote Code Execution
Trend Micro Anti-Threat Toolkit (ATTK) versions 16201218 and below suffer from a remote code execution vulnerability ...

Mailing Lists

Full Disclosure: Trend Micro Anti-Threat Toolkit (ATTK) <= v1.62.0.1218 Remote Code Execution 0day CVE-2019-9491
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinxaltervistaorg [+] Source: hyp3rlinxaltervistaorg/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-(ATTK)-REMOTE-CODE-EXECUTIONtxt [+] ISR: Apparition Security [Vendor]wwwtrendmicrocom [Product] Trend Micro Anti-Threat Toolkit (ATTK) 16201218 and below Trend Micr ...
Full Disclosure: [CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED
Hi @ll, on September 29, 2019, John Page reported a remote code execution with escalation of privilege in TrendMicro's Anti-Threat Toolkit to its vendor TrendMicro assigned CVE-2019-9491 to this vulnerability and told the reporter, his dog and the world on October 18, 2019, that they had fixed the vulnerable product See &lt;successtren ...

Recent Articles

ATTK of the Pwns: Trend Micro's antivirus tools 'will run malware – if its filename is cmd.exe'
The Register • Shaun Nichols in San Francisco • 21 Oct 2019

Try not to save files to your Windows PC called cmd.exe or regedit.exe Deus ex hackina: It took just 10 minutes to find data-divulging demons corrupting Pope's Click to Pray eRosary app

Video A flaw in the Trend Micro Anti-Threat Toolkit can be exploited by hackers to run malware on victims' Windows computers. Bug-hunter John "hyp3rlinx" Page took credit for uncovering CVE-2019-9491, an arbitrary code execution flaw in the security tool. In short, the Trend software can be tricked into executing any old piece of software under the sun, including malware, when it is scanned, provided the filename is cmd.exe or regedit.exe. No, really. "Trend Micro Anti-Threat Toolkit (ATTK) will...

Read more...

References

CWE-427https://success.trendmicro.com/solution/000149878https://seclists.org/bugtraq/2019/Oct/30http://seclists.org/fulldisclosure/2019/Oct/42https://seclists.org/bugtraq/2020/Jan/55http://packetstormsecurity.com/files/156160/TrendMicro-Anti-Threat-Toolkit-Improper-Fix.htmlhttp://seclists.org/fulldisclosure/2020/Jan/50http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-%28ATTK%29-REMOTE-CODE-EXECUTION.txthttps://nvd.nist.govhttps://www.theregister.co.uk/2019/10/21/flaw_trend_micro/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995CVE-2024-36680CVE-2024-35537unauthorizedCVE-2024-21518CVE-2024-37673cross-site scriptingSSRFCVE-2024-6241
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook