// For flags

CVE-2018-18333

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

4
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations.

Una vulnerabilidad de secuestro de DLL en Trend Micro Security 2019 (Consumer), en versiones anteriores a la 15.0.0.1163, podría permitir a un atacante manipular un DLL específico y escalar privilegios en instalaciones vulnerables.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-10-15 CVE Reserved
  • 2019-02-05 CVE Published
  • 2022-08-28 First Exploit
  • 2024-01-30 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-426: Untrusted Search Path
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Trendmicro
Search vendor "Trendmicro"
Antivirus \+ Security
Search vendor "Trendmicro" for product "Antivirus \+ Security"
< 15.0.0.1163
Search vendor "Trendmicro" for product "Antivirus \+ Security" and version " < 15.0.0.1163"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
Trendmicro
Search vendor "Trendmicro"
Internet Security
Search vendor "Trendmicro" for product "Internet Security"
< 15.0.0.1163
Search vendor "Trendmicro" for product "Internet Security" and version " < 15.0.0.1163"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
Trendmicro
Search vendor "Trendmicro"
Maximum Security
Search vendor "Trendmicro" for product "Maximum Security"
< 15.0.0.1163
Search vendor "Trendmicro" for product "Maximum Security" and version " < 15.0.0.1163"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
Trendmicro
Search vendor "Trendmicro"
Premium Security
Search vendor "Trendmicro" for product "Premium Security"
< 15.0.0.1163
Search vendor "Trendmicro" for product "Premium Security" and version " < 15.0.0.1163"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe