Medium severity6.7NVD Advisory· Published Aug 5, 2020· Updated Jun 17, 2026
CVE-2020-8607
CVE-2020-8607
Description
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12- Range: 1.62.1240 and below
- Trend Micro/Trend Micro Apex Onev5Range: 2019 (On premise), SaaS
- Range: 12.x, 11.x. 10.x
- Trend Micro/Trend Micro HouseCallv5Range: 8.0
- Trend Micro/Trend Micro OfficeScanv5Range: XG SP1
3.x, 2.x+ 1 more
- (no CPE)range: 3.x, 2.x
- (no CPE)range: 2020 (v16), 2019 (v15)
- Range: 2.2
- Trend Micro/Trend Micro Safe Lockv5Range: 2.0 SP1, TXOne Ed
- Trend Micro/Trend Micro ServerProtectv5Range: SPFS 6.0, SPNAF 5.8, SPEMC 5.8, SPNT 5.8
- Range: 10.0 SP1, Services (SaaS)
Patches
Vulnerability mechanics
References
4- success.trendmicro.com/solution/000260713nvdPatchVendor Advisory
- jvn.jp/en/vu/JVNVU99160193/index.htmlnvdThird Party Advisory
- jvn.jp/vu/JVNVU99160193/nvdThird Party Advisory
- success.trendmicro.com/jp/solution/000260748nvdVendor Advisory
News mentions
0No linked articles in our index yet.