Privilege Escalation Vulnerability in Trend Micro Antivirus for Mac
CVE-2018-18327

7.8HIGH

Key Information:

Vendor
Trend Micro
Status
Trend Micro Antivirus For Mac (consumer)
Vendor
CVE Published:
23 October 2018

Summary

A vulnerability in Trend Micro Antivirus for Mac allows local attackers to escalate privileges. This arises due to insufficient validation of user-supplied buffers, specifically at the 0x6eDC offset. To exploit this issue, an attacker must first execute low-privileged code on the target system, providing a pathway to gain elevated access. It is essential for users to employ best practices in security to mitigate the risks associated with this vulnerability.

Affected Version(s)

Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above

References

https://esupport.trendmicro.com/solution/ja-jp/1121350.aspx
x_refsource_CONFIRM
http://www.securityfocus.com/bid/105757
vdb-entryx_refsource_BID
https://esupport.trendmicro.com/en-US/home/pages/technica...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.