CVE-2022-27883 – Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2022-27883

A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at least have low-level privileges on the system to attempt to exploit this vulnerability. Una vulnerabilidad de seguimiento de enlaces en Trend Micro Antivirus para Mac versión 11.5, podría permitir a un atacante crear un archivo especialmente diseñado como un enlace simbólico que puede conllevar a una escalada de privilegios. Tenga en cuenta que un atacante debe tener al menos privilegios de bajo nivel en el sistema para intentar explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the libTmUtil dylib. • https://helpcenter.trendmicro.com/en-us/article/tmka-10978 https://www.zerodayinitiative.com/advisories/ZDI-22-546 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •