CVE-2018-6218

CWE-4263 documents3 sources

Severity

7.0HIGH

EPSS

0.4%

top 41.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trend Micro Trend Micro User-mode Hooking (umh) Module Trendmicro Deep Security Trendmicro Endpoint Sensor +3 more

Timeline

PublishedFeb 16

Latest updateMay 13

Description

A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages6 packages

▶CVEListV5trend_micro/trend_micro_user-mode_hooking_(umh)_moduleNA

▶NVDtrendmicro/security12.0

▶NVDtrendmicro/officescan11.0, 12.0+1

▶NVDtrendmicro/deep_security10.0, 10.1+1

▶NVDtrendmicro/endpoint_sensor1.6

🔴Vulnerability Details

GHSA

GHSA-5h87-5cj8-gq98: A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system↗2022-05-13

▶

CVEList

CVE-2018-6218: A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system↗2018-02-16

▶