PT-2022-2923 · Trend Micro · Trend Micro Security

Published

2022-01-07

Updated

2022-06-16

CVE-2022-30703

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Trend Micro Security versions 2021 through 2022

Description The issue is related to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This could also potentially be chained for privilege escalation. The vulnerability exists due to errors in system call filtering in the NCIE Scanner module of Trend Micro Security.

Recommendations For Trend Micro Security versions 2021 and 2022, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-749

Related Identifiers

BDU:2022-03524

CVE-2022-30703

ZDI-22-801

Affected Products

Trend Micro Security

PT-2022-2923 · Trend Micro · Trend Micro Security

CVE-2022-30703

Weakness Enumeration

Related Identifiers

Affected Products

References · 8