VYPR

Trend Micro Security (Consumer) 2020

by Trend Micro

CVEs (34)

  • CVE-2020-15604HigSep 24, 2020
    risk 0.49cvss 7.5epss 0.02

    An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of…

  • CVE-2020-15603HigJul 15, 2020
    risk 0.49cvss 7.5epss 0.01

    An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v16.0.0.1302 and below) consumer family of products' driver could allow an attacker to manipulate the specific driver to do a system call operation with an invalid address, resulting in a potential system crash.

  • CVE-2021-25251HigFeb 10, 2021
    risk 0.47cvss 7.2epss 0.02

    The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and disable protection. An attacker must already have administrator privileges on the…

  • CVE-2022-35234HigJul 30, 2022
    risk 0.46cvss 7.1epss 0.00

    Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine.

  • CVE-2021-44023HigDec 16, 2021
    risk 0.46cvss 7.1epss 0.00

    A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a…

  • CVE-2019-19693HigDec 20, 2019
    risk 0.46cvss 7.1epss 0.01

    The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. An attacker must first obtain the ability to execute…

  • CVE-2020-8607MedAug 5, 2020
    risk 0.44cvss 6.7epss 0.01

    An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a…

  • CVE-2019-19697MedJan 18, 2020
    risk 0.44cvss 6.7epss 0.01

    An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must…

  • CVE-2022-26319MedMar 8, 2022
    risk 0.42cvss 6.5epss 0.00

    An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the…

  • CVE-2020-25775MedSep 29, 2020
    risk 0.41cvss 6.3epss 0.00

    The Trend Micro Security 2020 (v16) consumer family of products is vulnerable to a security race condition arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate the product's secure erase feature to delete files with a higher set of privileges.

  • CVE-2022-37348MedSep 19, 2022
    risk 0.36cvss 5.5epss 0.00

    Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is…

  • CVE-2022-37347MedSep 19, 2022
    risk 0.36cvss 5.5epss 0.00

    Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is…

  • CVE-2022-30702MedJun 9, 2022
    risk 0.36cvss 5.5epss 0.00

    Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine.

  • CVE-2019-19694MedFeb 20, 2020
    risk 0.31cvss 4.7epss 0.00

    The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware…

Page 2 of 2