Security 2020
by Trend Micro
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-34893 | 0.00 | — | 0.00 | Sep 19, 2022 | Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine. | |||
| CVE-2022-35234 | 0.00 | — | 0.00 | Jul 29, 2022 | Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. | |||
| CVE-2022-30702 | 0.00 | — | 0.00 | Jun 9, 2022 | Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine. | |||
| CVE-2021-43772 | 0.00 | — | 0.00 | Dec 3, 2021 | Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection. | |||
| CVE-2021-25251 | 0.00 | — | 0.01 | Feb 10, 2021 | The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and disable protection. An attacker must already have administrator privileges on the… | |||
| CVE-2020-27696 | 0.00 | — | 0.00 | Nov 18, 2020 | Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a specific Windows system directory which can lead to obtaining administrative privileges during the installation of the product. | |||
| CVE-2020-25775 | 0.00 | — | 0.00 | Sep 28, 2020 | The Trend Micro Security 2020 (v16) consumer family of products is vulnerable to a security race condition arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate the product's secure erase feature to delete files with a higher set of privileges. | |||
| CVE-2020-15603 | 0.00 | — | 0.01 | Jul 15, 2020 | An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v16.0.0.1302 and below) consumer family of products' driver could allow an attacker to manipulate the specific driver to do a system call operation with an invalid address, resulting in a potential system crash. | |||
| CVE-2019-20357 | 0.00 | — | 0.00 | Jan 17, 2020 | A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a… | |||
| CVE-2019-19693 | 0.00 | — | 0.00 | Dec 20, 2019 | The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. An attacker must first obtain the ability to execute… |
- CVE-2022-34893Sep 19, 2022risk 0.00cvss —epss 0.00
Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine.
- CVE-2022-35234Jul 29, 2022risk 0.00cvss —epss 0.00
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine.
- CVE-2022-30702Jun 9, 2022risk 0.00cvss —epss 0.00
Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine.
- CVE-2021-43772Dec 3, 2021risk 0.00cvss —epss 0.00
Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection.
- CVE-2021-25251Feb 10, 2021risk 0.00cvss —epss 0.01
The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and disable protection. An attacker must already have administrator privileges on the…
- CVE-2020-27696Nov 18, 2020risk 0.00cvss —epss 0.00
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a specific Windows system directory which can lead to obtaining administrative privileges during the installation of the product.
- CVE-2020-25775Sep 28, 2020risk 0.00cvss —epss 0.00
The Trend Micro Security 2020 (v16) consumer family of products is vulnerable to a security race condition arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate the product's secure erase feature to delete files with a higher set of privileges.
- CVE-2020-15603Jul 15, 2020risk 0.00cvss —epss 0.01
An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v16.0.0.1302 and below) consumer family of products' driver could allow an attacker to manipulate the specific driver to do a system call operation with an invalid address, resulting in a potential system crash.
- CVE-2019-20357Jan 17, 2020risk 0.00cvss —epss 0.00
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a…
- CVE-2019-19693Dec 20, 2019risk 0.00cvss —epss 0.00
The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. An attacker must first obtain the ability to execute…