PT-2019-14306 · Trend Micro · Trend Micro Security

Publicado

2019-12-02

Atualizado

2019-12-13

CVE-2019-15628

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Trend Micro Security (Consumer) 2020 versions 16.0.1221 and below

Description The issue allows an attacker to use a specific service as an execution and/or persistence mechanism, potentially executing a malicious program each time the service is started. This is due to a DLL hijacking vulnerability.

Recommendations For versions 16.0.1221 and below, update to a version above 16.0.1221 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable service to minimize the risk of exploitation.

Correção

Untrusted Search Path

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-426

Identificadores relacionados

CVE-2019-15628

Produtos afetados

Trend Micro Security

PT-2019-14306 · Trend Micro · Trend Micro Security

CVE-2019-15628

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8