CVE-2019-14687

CWE-427CWE-4263 documents3 sources
Severity
7.8HIGH
EPSS
0.3%
top 46.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Trend Micro Trend Micro Password ManagerTrendmicro Password Manager
Timeline
PublishedAug 20
Latest updateMay 24

Description

A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14684.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-jww8-q46r-8w4c: A DLL hijacking vulnerability exists in Trend Micro Password Manager 52022-05-24
CVEList
CVE-2019-14687: A DLL hijacking vulnerability exists in Trend Micro Password Manager 52019-08-20
CVE-2019-14687 (HIGH CVSS 7.8) | A DLL hijacking vulnerability exist | cvebase.io