CVE-2019-19694

CWE-20 — Improper Input Validation3 documents3 sources

Severity

4.7MEDIUM

EPSS

0.3%

top 50.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trendmicro Antivirus \+ Security 2019 Trendmicro Internet Security 2019 Trendmicro Maximum Security 2019 +3 more

Timeline

PublishedFeb 20

Latest updateMay 24

Description

The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or the entire product completely..

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages6 packages

▶NVDtrendmicro/maximum_security_201915.0.0.1163

▶NVDtrendmicro/premium_security_201915.0.0.1163

▶NVDtrendmicro/internet_security_201915.0.0.1163

▶NVDtrendmicro/antivirus_\+_security_201915.0.0.1163

▶CVEListV5trend_micro/trend_micro_security_(consumer)2019 (v15.0.0.1163 and below)

🔴Vulnerability Details

GHSA

GHSA-qc97-89j6-hccc: The Trend Micro Security 2019 (15↗2022-05-24

▶

CVEList

CVE-2019-19694: The Trend Micro Security 2019 (15↗2020-02-20

▶