CVE-2020-8607
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
Una vulnerabilidad de comprobación de entrada que se encuentra en varios productos de Trend Micro que usan una versión particular de un controlador de protección de rootkit específico, podría permitir a un atacante en modo usuario con permisos de administrador abusar del controlador para modificar una dirección del kernel que puede causar un bloqueo del sistema o potencialmente conllevar a una ejecución de código en modo kernel. Un atacante ya debe haber obtenido acceso de administrador en la máquina de destino (legítimamente o mediante un ataque no relacionado separado) para explotar esta vulnerabilidad
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-02-04 CVE Reserved
- 2020-08-05 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
https://jvn.jp/en/vu/JVNVU99160193/index.html | Third Party Advisory | |
https://jvn.jp/vu/JVNVU99160193 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://success.trendmicro.com/solution/000260713 | 2020-08-11 |
URL | Date | SRC |
---|---|---|
https://success.trendmicro.com/jp/solution/000260748 | 2020-08-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Trendmicro Search vendor "Trendmicro" | Antivirus Toolkit Search vendor "Trendmicro" for product "Antivirus Toolkit" | < 1.62.1240 Search vendor "Trendmicro" for product "Antivirus Toolkit" and version " < 1.62.1240" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Apex One Search vendor "Trendmicro" for product "Apex One" | 2019 Search vendor "Trendmicro" for product "Apex One" and version "2019" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Apex One Search vendor "Trendmicro" for product "Apex One" | saas Search vendor "Trendmicro" for product "Apex One" and version "saas" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Deep Security Search vendor "Trendmicro" for product "Deep Security" | 9.6 Search vendor "Trendmicro" for product "Deep Security" and version "9.6" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Deep Security Search vendor "Trendmicro" for product "Deep Security" | 10.0 Search vendor "Trendmicro" for product "Deep Security" and version "10.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Deep Security Search vendor "Trendmicro" for product "Deep Security" | 11.0 Search vendor "Trendmicro" for product "Deep Security" and version "11.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Deep Security Search vendor "Trendmicro" for product "Deep Security" | 12.0 Search vendor "Trendmicro" for product "Deep Security" and version "12.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Officescan Search vendor "Trendmicro" for product "Officescan" | xg Search vendor "Trendmicro" for product "Officescan" and version "xg" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Officescan Business Security Search vendor "Trendmicro" for product "Officescan Business Security" | 9.0 Search vendor "Trendmicro" for product "Officescan Business Security" and version "9.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Officescan Business Security Search vendor "Trendmicro" for product "Officescan Business Security" | 9.5 Search vendor "Trendmicro" for product "Officescan Business Security" and version "9.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Officescan Business Security Search vendor "Trendmicro" for product "Officescan Business Security" | 10.0 Search vendor "Trendmicro" for product "Officescan Business Security" and version "10.0" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Officescan Business Security Service Search vendor "Trendmicro" for product "Officescan Business Security Service" | - | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Officescan Cloud Search vendor "Trendmicro" for product "Officescan Cloud" | 15 Search vendor "Trendmicro" for product "Officescan Cloud" and version "15" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Officescan Cloud Search vendor "Trendmicro" for product "Officescan Cloud" | 16.0 Search vendor "Trendmicro" for product "Officescan Cloud" and version "16.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Online Scan Search vendor "Trendmicro" for product "Online Scan" | 8.0 Search vendor "Trendmicro" for product "Online Scan" and version "8.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Portable Security Search vendor "Trendmicro" for product "Portable Security" | 2.0 Search vendor "Trendmicro" for product "Portable Security" and version "2.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Portable Security Search vendor "Trendmicro" for product "Portable Security" | 3.0 Search vendor "Trendmicro" for product "Portable Security" and version "3.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Rootkit Buster Search vendor "Trendmicro" for product "Rootkit Buster" | 2.2 Search vendor "Trendmicro" for product "Rootkit Buster" and version "2.2" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Safe Lock Search vendor "Trendmicro" for product "Safe Lock" | - | txone |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Safe Lock Search vendor "Trendmicro" for product "Safe Lock" | 2.0 Search vendor "Trendmicro" for product "Safe Lock" and version "2.0" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Serverprotect Search vendor "Trendmicro" for product "Serverprotect" | 5.8 Search vendor "Trendmicro" for product "Serverprotect" and version "5.8" | emc |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Serverprotect Search vendor "Trendmicro" for product "Serverprotect" | 5.8 Search vendor "Trendmicro" for product "Serverprotect" and version "5.8" | netware |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Serverprotect Search vendor "Trendmicro" for product "Serverprotect" | 5.8 Search vendor "Trendmicro" for product "Serverprotect" and version "5.8" | windows |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Trendmicro Search vendor "Trendmicro" | Serverprotect Search vendor "Trendmicro" for product "Serverprotect" | 6.0 Search vendor "Trendmicro" for product "Serverprotect" and version "6.0" | storage |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|