cbcvebase.
CVE-2020-8607
published 2020-08-05

CVE-2020-8607: An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an…

PriorityP428medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
EPSS
0.66%
46.8th percentile
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.

Affected

31 ranges· showing 25
VendorProductVersion rangeFixed in
trend_microtrend_micro_anti-threat_toolkit
trend_microtrend_micro_apex_one
trend_microtrend_micro_deep_security
trend_microtrend_micro_housecall
trend_microtrend_micro_officescan
trend_microtrend_micro_portable_security
trend_microtrend_micro_rootkit_buster
trend_microtrend_micro_safe_lock
trend_microtrend_micro_security
trend_microtrend_micro_serverprotect
trend_microtrend_micro_worry-free_business_security
trendmicroantivirus_toolkit< 1.62.12401.62.1240
trendmicroapex_one
trendmicroapex_one
trendmicrodeep_security
trendmicrodeep_security
trendmicrodeep_security
trendmicrodeep_security
trendmicroofficescan
trendmicroofficescan_business_security
trendmicroofficescan_business_security
trendmicroofficescan_business_security
trendmicroofficescan_cloud
trendmicroofficescan_cloud
trendmicroonline_scan

CVSS provenance

nvdv3.16.7MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.