CVE-2019-14686

CWE-427 CWE-4263 documents3 sources

Severity

7.8HIGH

EPSS

0.3%

top 46.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trendmicro Antivirus \+ Security 2019 Trendmicro Internet Security 2019 Trendmicro Maximum Security 2019 +2 more

Timeline

PublishedAug 21

Latest updateMay 24

Description

A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to load a malicious DLL, leading to elevated privileges.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages5 packages

▶NVDtrendmicro/ransom_buster1.0

▶NVDtrendmicro/maximum_security_201915.0

▶NVDtrendmicro/premium_security_201915.0

▶NVDtrendmicro/internet_security_201915.0

▶NVDtrendmicro/antivirus_\+_security_201915.0

🔴Vulnerability Details

GHSA

GHSA-mg8x-qxp2-gxgj: A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone T↗2022-05-24

▶

CVEList

CVE-2019-14686: A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone T↗2019-08-21

▶