Описание
A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing a escalation of privileges on an affected system.
Ссылки
- PatchVendor Advisory
- PatchThird Party AdvisoryVDB Entry
- PatchVendor Advisory
- PatchThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Одновременно
EPSS
7 High
CVSS3
Дефекты
Связанные уязвимости
A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing a escalation of privileges on an affected system.
Уязвимость механизма очистки Damage Cleanup Engine средства антивирусной защиты Trend Micro Maximum Security, позволяющая нарушителю повысить свои привилегии
EPSS
7 High
CVSS3