An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
trendmicro antivirus_toolkit |
||
trendmicro apex_one 2019 |
||
trendmicro apex_one saas |
||
trendmicro deep_security 9.6 |
||
trendmicro deep_security 10.0 |
||
trendmicro deep_security 11.0 |
||
trendmicro deep_security 12.0 |
||
trendmicro officescan xg |
||
trendmicro officescan_business_security 9.0 |
||
trendmicro officescan_business_security 9.5 |
||
trendmicro officescan_business_security 10.0 |
||
trendmicro officescan_business_security_service - |
||
trendmicro officescan_cloud 15 |
||
trendmicro officescan_cloud 16.0 |
||
trendmicro online_scan 8.0 |
||
trendmicro portable_security 2.0 |
||
trendmicro portable_security 3.0 |
||
trendmicro rootkit_buster 2.2 |
||
trendmicro safe_lock - |
||
trendmicro safe_lock 2.0 |
||
trendmicro serverprotect 5.8 |
||
trendmicro serverprotect 6.0 |
Vulmon