Описание
Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism which could execute a malicious program each time the service is started.
Ссылки
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 16.0.1221 (включая)Версия до 16.0.1221 (включая)Версия до 16.0.1221 (включая)Версия до 16.0.1221 (включая)
Одновременно
Одно из
cpe:2.3:a:trendmicro:antivirus_\+_security_2020:*:*:*:*:*:*:*:*
cpe:2.3:a:trendmicro:internet_security_2020:*:*:*:*:*:*:*:*
cpe:2.3:a:trendmicro:maximum_security_2020:*:*:*:*:*:*:*:*
cpe:2.3:a:trendmicro:premium_security_2020:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00242
Низкий
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-426
Связанные уязвимости
github
больше 3 лет назад
Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism which could execute a malicious program each time the service is started.
EPSS
Процентиль: 47%
0.00242
Низкий
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-426