CVE-2022-24671

Name of the Vulnerable Software and Affected Versions Trend Micro Antivirus for Mac versions 11.0.2150 and below

Description A link following privilege escalation issue could allow a local attacker to modify a file during the update process and escalate their privileges. The attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this issue. The vulnerability is related to incorrect link resolution before accessing a file.

Recommendations For versions 11.0.2150 and below, update to a version above 11.0.2150 to resolve the issue. As a temporary workaround, consider restricting access to the update process until a patch is available.