CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2024-23940
https://notcve.org/view.php?id=CVE-2024-23940
29 Jan 2024 — Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system. Trend Micro uiAirSupport, incluido en la familia de productos de consumo Trend Micro Security 2023, versión 6.0.2092 y anteriores, es vulnerable a una vulnerabilida... • https://helpcenter.trendmicro.com/en-us/article/tmka-12134 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-28929
https://notcve.org/view.php?id=CVE-2023-28929
26 Jun 2023 — Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started. • https://helpcenter.trendmicro.com/en-us/article/tmka-19062 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27883 – Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-27883
01 Apr 2022 — A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at least have low-level privileges on the system to attempt to exploit this vulnerability. Una vulnerabilidad de seguimiento de enlaces en Trend Micro Antivirus para Mac versión 11.5, podría permitir a un atacante crear un archivo especialmente diseñado como un enlace simbólico que puede conllevar... • https://helpcenter.trendmicro.com/en-us/article/tmka-10978 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24671 – Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24671
16 Feb 2022 — A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de escalada de privilegios en Trend Micro Antivirus para Max versiones 11.0.2150 y anteriores, podría permitir a un atacante local modific... • https://helpcenter.trendmicro.com/en-us/article/TMKA-10937 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-44023 – Trend Micro Maximum Security Link Following Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-44023
14 Dec 2021 — A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service. Una vulnerabilidad de denegación de servicio (DoS) en la familia de productos Trend Micro Security (Consumer) versión 2021, podría permitir a un atacante abusar de la función PC Health Checkup del producto para crear... • https://helpcenter.trendmicro.com/en-us/article/tmka-10867 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-43772
https://notcve.org/view.php?id=CVE-2021-43772
03 Dec 2021 — Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection. Trend Micro Security 2021 versión v17.0 (Consumer), contiene una vulnerabilidad que permite modificar los archivos dentro de la carpeta protegida sin ninguna detección • https://helpcenter.trendmicro.com/en-us/article/tmka-10855 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43771 – Trend Micro Antivirus for Mac Improper Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-43771
17 Nov 2021 — Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Trend Micro Antivirus para Mac 2021 versión v11 (Consumer), es susceptible a una vulnerabilidad de esc... • https://helpcenter.trendmicro.com/en-us/article/TMKA-10832 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28648 – Trend Micro Antivirus for Mac Improper Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-28648
15 Apr 2021 — Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability. Trend Micro Antivirus para Mac 2020 versiones v10.5 y 2021 v11 (Consumidor) es susceptible a una... • https://helpcenter.trendmicro.com/en-us/article/TMKA-10293 •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2021-25251
https://notcve.org/view.php?id=CVE-2021-25251
10 Feb 2021 — The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and disable protection. An attacker must already have administrator privileges on the machine to exploit this vulnerability. Las familias de productos de consumo Trend Micro Security 2020 y 2021, son vulnerables a una vulnerabilidad de inyección de código que podría permitir a un atacante desactivar la protección con ... • https://helpcenter.trendmicro.com/en-us/article/TMKA-10211 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-25227 – Trend Micro Antivirus for Mac Memory Exhaustion Denial-Of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-25227
29 Jan 2021 — Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability - i.e. the attacker must already have access to the target system (either legitimately or via another exploit). Trend Micro Antivirus para Mac 2021 (Consumer) es susceptible a una vulne... • https://helpcenter.trendmicro.com/en-us/article/TMKA-10191 • CWE-400: Uncontrolled Resource Consumption •