CVE-2019-19697
published 2020-01-18CVE-2019-19697: An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain…
PriorityP336medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
EXPLOIT
EPSS
0.82%
52.6th percentile
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administrator privileges on the target machine in order to exploit the vulnerability.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| trend_micro | trend_micro_security | — | — |
| trendmicro | antivirus_+_security_2019 | — | — |
| trendmicro | internet_security_2019 | — | — |
| trendmicro | maximum_security_2019 | — | — |
| trendmicro | premium_security_2019 | — | — |
CVSS provenance
nvdv3.16.7MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-SECURITY-BYPASS-PROTECTED-SERVICE-TAMPERING.txthttps://esupport.trendmicro.com/en-us/home/pages/technical-support/1124090.aspxhttps://seclists.org/bugtraq/2020/Jan/29http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-SECURITY-BYPASS-PROTECTED-SERVICE-TAMPERING.txthttps://esupport.trendmicro.com/en-us/home/pages/technical-support/1124090.aspxhttps://seclists.org/bugtraq/2020/Jan/29
2020-01-18
Published