Privilege Escalation Vulnerability in Trend Micro Antivirus for Mac
CVE-2018-15367

7.8HIGH

Key Information:

Vendor

Trend Micro
Status
Trend Micro Antivirus For Mac (consumer)
Vendor
CVE Published:
23 October 2018

What is CVE-2018-15367?

A privilege escalation vulnerability exists in Trend Micro Antivirus for Mac, allowing local attackers to escalate privileges on affected installations. The exploit requires the attacker to execute low-privileged code on the targeted system, which can lead to unauthorized access and increased control over the system. This issue is particularly concerning for users of versions 7.0 (2017) and above, as it poses a risk to the integrity of the software's security functions.

Affected Version(s)

Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above

References

https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx
x_refsource_CONFIRM
https://www.zerodayinitiative.com/advisories/ZDI-18-1294/
x_refsource_MISC
http://www.securityfocus.com/bid/105757
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2018-15367 : Privilege Escalation Vulnerability in Trend Micro Antivirus for Mac