CVE-2022-34893

CWE-593 documents3 sources
Severity
7.8HIGH
EPSS
0.2%
top 52.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Trendmicro SecurityTrend Micro Trend Micro Security (consumer)
Timeline
PublishedSep 19
Latest updateSep 20

Description

Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5trend_micro/trend_micro_security_(consumer)2022 (17.7.1179 and below)
NVDtrendmicro/security17.7.1179

Patches

Patch: helpcenter.trendmicro.comPatch: helpcenter.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-hc8w-f35h-8rrj: Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which co2022-09-20
CVEList
CVE-2022-34893: Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which co2022-09-19
CVE-2022-34893 (HIGH CVSS 7.8) | Trend Micro Security 2022 (consumer | cvebase.io