CVE-2020-25777 — Micro Antivirus FOR MAC vulnerability

3 documents3 sources

Severity

5.4MEDIUMNVD

EPSS

0.3%

top 50.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trend Micro Antivirus FOR MAC Trendmicro Antivirus

Timeline

PublishedOct 14

Latest updateMay 24

Description

Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threat Protection feature of the product. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages2 packages

▶NVDtrendmicro/antivirus2019, 2020+1

▶CVEListV5trend_micro/trend_micro_antivirus_for_mac2020 (v10.x) and 2019 (v9.x)

Patches

Patch: helpcenter.trendmicro.com ↗Patch: helpcenter.trendmicro.com ↗

🔴Vulnerability Details

GHSA

GHSA-6mgx-rrgg-x26x: Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threa↗2022-05-24

▶

CVEList

CVE-2020-25777: Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threa↗2020-10-14

▶