cbcvebase.
CVE-2022-27883
published 2022-04-09

CVE-2022-27883: A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to…

PriorityP337high7.3CVSS 3.1
AVLACLPRLUIRSUCHIHAH
EPSS
1.19%
64.0th percentile
A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at least have low-level privileges on the system to attempt to exploit this vulnerability.

Affected

2 ranges
VendorProductVersion rangeFixed in
trend_microtrend_micro_antivirus_for_mac
trendmicroantivirus_for_mac<= 11.5

CVSS provenance

nvdv3.17.3HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
nvdv2.08.5HIGHAV:N/AC:M/Au:S/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.