Overview
- Description
- An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administrator privileges on the target machine in order to exploit the vulnerability.
- Source
- security@trendmicro.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.7
- Impact score
- 5.9
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:antivirus_\\+_security_2019:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2168F0AA-A101-4BB5-8FE7-A2FC0EEC19C8"
},
{
"criteria": "cpe:2.3:a:trendmicro:internet_security_2019:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A4D113B-E444-4344-A622-18F122905F5F"
},
{
"criteria": "cpe:2.3:a:trendmicro:maximum_security_2019:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92C78BD2-C3DC-4592-90A8-24E50A0283DE"
},
{
"criteria": "cpe:2.3:a:trendmicro:premium_security_2019:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76DCBC40-BD00-4801-BD3B-B0DD2AAE9639"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]