CVE-2019-9492

CWE-4263 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 71.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Trend Micro Trend Micro OfficescanTrendmicro Officescan
Timeline
PublishedJul 26
Latest updateMay 24

Description

A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. The attacker must have already gained authentication and have local access to the vulnerable system.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDtrendmicro/officescan11.0, xg+1
CVEListV5trend_micro/trend_micro_officescan11.0 SP1, XG (12.0)

Patches

Patch: success.trendmicro.comPatch: success.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-9gmj-78x4-fxf5: A DLL side-loading vulnerability in Trend Micro OfficeScan 112022-05-24
CVEList
CVE-2019-9492: A DLL side-loading vulnerability in Trend Micro OfficeScan 112019-07-26
CVE-2019-9492 (HIGH CVSS 7.8) | A DLL side-loading vulnerability in | cvebase.io