Trend Micro Security vulnerabilities

CVE-2019-19697 [MEDIUM] CVE-2019-19697: An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer fam An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administrator privileges on the target machine in order to exploit t

CVE-2019-19693 [HIGH] CWE-59 CVE-2019-19693: The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2019-18190 [CRITICAL] CWE-476 CVE-2019-18190: Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer de Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer dereference errors result in the crash of application, which could potentially lead to possible unsigned code execution under certain circumstances.

CVE-2019-15628 [HIGH] CWE-426 CVE-2019-15628: Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerabi Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism which could execute a malicious program each time the service is started.

CVE-2019-14685 [HIGH] CWE-428 CVE-2019-14685: A local privilege escalation vulnerability exists in Trend Micro Security 2019 (v15.0) in which, if A local privilege escalation vulnerability exists in Trend Micro Security 2019 (v15.0) in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service.

CVE-2018-18333 [HIGH] CWE-426 CVE-2018-18333: A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations.

CVE-2018-10513 [HIGH] CWE-502 CVE-2018-10513: A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.

CVE-2018-10514 [HIGH] CWE-269 CVE-2018-10514: A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) p A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.

CVE-2018-15363 [HIGH] CWE-125 CVE-2018-15363: An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) pro An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.