Uninitialized Pointer Vulnerability in Trend Micro Mobile Security
CVE-2017-14082

7.5HIGH

Key Information:

Vendor

Trend Micro
Status
Trend Micro Mobile Security (enterprise)
Vendor
CVE Published:
19 January 2018

What is CVE-2017-14082?

An uninitialized pointer vulnerability in Trend Micro Mobile Security (Enterprise) versions prior to 9.8 may enable attackers to gain unauthorized access to sensitive information. This flaw could be exploited remotely without authentication, highlighting the critical need for timely patching and security measures to protect affected systems.

Affected Version(s)

Trend Micro Mobile Security (Enterprise) 9.7 and below

References

http://www.zerodayinitiative.com/advisories/ZDI-17-972/
x_refsource_MISC
http://www.securityfocus.com/bid/102216
vdb-entryx_refsource_BID
https://success.trendmicro.com/solution/1118993
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.