VYPR

Antivirus for Mac

by Trend Micro

CVEs (15)

  • CVE-2022-24671HigFeb 24, 2022
    risk 0.51cvss 7.8epss 0.00

    A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their privileges. Please note: an attacker must first obtain the ability to execute…

  • CVE-2021-43771HigNov 30, 2021
    risk 0.51cvss 7.8epss 0.00

    Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. Please note that an…

  • CVE-2021-28648HigApr 22, 2021
    risk 0.51cvss 7.8epss 0.01

    Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application.…

  • CVE-2020-25776HigOct 2, 2020
    risk 0.51cvss 7.8epss 0.01

    Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. An attacker must first obtain the ability to execute low-privileged code on the…

  • CVE-2018-18329HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.01

    A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation…

  • CVE-2018-18328HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.01

    A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation…

  • CVE-2018-18327HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.01

    A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation…

  • CVE-2019-19695HigDec 24, 2019
    risk 0.49cvss 7.5epss 0.03

    A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it.

  • CVE-2022-27883HigApr 9, 2022
    risk 0.48cvss 7.3epss 0.01

    A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at least have low-level privileges on the system to attempt to…

  • CVE-2020-27014MedOct 30, 2020
    risk 0.42cvss 6.4epss 0.00

    Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute…

  • CVE-2020-25778MedOct 14, 2020
    risk 0.39cvss 6.0epss 0.01

    Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a specific kernel extension where an attacker could supply a kernel pointer and leak several bytes of memory. An attacker must first obtain the ability to execute high-privileged code on the target system in…

  • CVE-2020-25777MedOct 14, 2020
    risk 0.35cvss 5.4epss 0.01

    Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threat Protection feature of the product. User interaction is required to exploit this vulnerability in that the target must visit a…

  • CVE-2020-27015MedOct 30, 2020
    risk 0.29cvss 4.4epss 0.01

    Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the…

  • CVE-2020-27013MedOct 14, 2020
    risk 0.29cvss 4.4epss 0.00

    Trend Micro Antivirus for Mac 2020 (Consumer) contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and written to allowing the attacker to gather and modify sensitive product and user…

  • CVE-2020-25779LowOct 13, 2020
    risk 0.22cvss 3.3epss 0.01

    Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the web threat protection…