PT-2020-16593 · Trend Micro · Trend Micro Antivirus For Mac

Cees Elzinga

Published

2020-10-26

Updated

2020-11-05

CVE-2020-27014

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Trend Micro Antivirus for Mac 2020 (Consumer)

Description The issue is related to a race condition in the Web Threat Protection Blocklist component. If exploited, it could allow an attacker to cause a kernel panic or crash. To exploit this, an attacker must first obtain the ability to execute high-privileged code on the target system.

Recommendations For Trend Micro Antivirus for Mac 2020 (Consumer), consider restricting access to high-privileged code execution on the target system until a patch is available. As a temporary workaround, consider disabling the Web Threat Protection Blocklist component to minimize the risk of exploitation.

Fix

Time Of Check To Time Of Use

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-367

Related Identifiers

CVE-2020-27014

ZDI-20-1285

Affected Products

Trend Micro Antivirus For Mac

PT-2020-16593 · Trend Micro · Trend Micro Antivirus For Mac

CVE-2020-27014

Weakness Enumeration

Related Identifiers

Affected Products

References · 4