PT-2019-19684 · Trend Micro · Trend Micro Officescan

Published

2019-07-26

Updated

2020-08-24

CVE-2019-9492

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Trend Micro OfficeScan versions 11.0 SP1 and XG

Description A DLL side-loading issue could allow an authenticated attacker to gain code execution and terminate the product's process, disabling endpoint protection. The attacker must have already gained authentication and have local access to the vulnerable system.

Recommendations For Trend Micro OfficeScan version 11.0 SP1, update to a version that includes a fix for this issue. For Trend Micro OfficeScan version XG, update to a version that includes a fix for this issue.

Fix

Untrusted Search Path

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-426

Related Identifiers

CVE-2019-9492

Affected Products

Trend Micro Officescan

PT-2019-19684 · Trend Micro · Trend Micro Officescan

CVE-2019-9492

Weakness Enumeration

Related Identifiers

Affected Products

References · 4