CVE-2019-20357
Description
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Trend Micro Security 2019/2020 allows local attackers to achieve persistent arbitrary code execution as SYSTEM by placing a malicious executable in the root directory before reboot.
Vulnerability
A persistent arbitrary code execution vulnerability exists in Trend Micro Security 2019 (v15) and 2020 (v16) consumer products on Windows. The coreServiceShell.exe service loads and executes a binary from c:\ during system startup without proper integrity verification. Affected versions include Premium Security, Maximum Security, Internet Security, and Antivirus + Security for both v15 and v16 [1].
Exploitation
An attacker with local access can compile a malicious executable and place it under the c:\ directory. Upon system reboot, the coreServiceShell.exe service automatically loads and executes this binary with SYSTEM integrity. No user interaction beyond a reboot is required [1].
Impact
Successful exploitation allows the attacker to achieve arbitrary code execution with SYSTEM privileges and establish persistence on the vulnerable system. This enables full compromise of the host, including installation of malware, data theft, and complete system control [1].
Mitigation
Trend Micro has published a support advisory at https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124099.aspx [1]. Users should apply the latest security update for their product version as recommended by the vendor. No workaround other than patching has been disclosed.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Range: v160
- Range: v15
- Range: 2019 (v15) and 2020 (v16)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-PERSISTENT-ARBITRARY-CODE-EXECUTION.txtmitrex_refsource_MISC
- esupport.trendmicro.com/en-us/home/pages/technical-support/1124099.aspxmitrex_refsource_MISC
- seclists.org/bugtraq/2020/Jan/28mitremailing-listx_refsource_BUGTRAQ
News mentions
0No linked articles in our index yet.