Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-23940

Published: 29/01/2024 Updated: 06/02/2024
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
Subscribe to Air Support

Vulnerability Summary

Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an malicious user to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

trendmicro air_support

trendmicro antivirus_\\+_security

trendmicro internet_security

trendmicro maximum_security

trendmicro premium_security

References

CWE-427https://helpcenter.trendmicro.com/en-us/article/tmka-12134https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook