DLL Hijack Vulnerability in Trend Micro Installation Packages
CVE-2019-14688
Key Information:
- Vendor
Trend Micro
- Vendor
- CVE Published:
- 20 February 2020
What is CVE-2019-14688?
Trend Micro installation packages have been found to contain a DLL hijack vulnerability that is exploitable during the initial installation phase of various products. This issue occurs when an authorized user unknowingly runs the installer, allowing an attacker to require the download of a malicious DLL file on the user's local system. As a result, the compromised DLL could be executed, leading to potential unauthorized actions on the system. The vulnerability raises concerns about the security of software installations and the need for users to be vigilant during the setup process.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Trend Micro IM Security (IMS), Trend Micro Control Manager (TMCM), Trend Micro OfficeScan (OSCE), Trend Micro Endpoint Sensor (TMES), Trend Micro Security (Consumer), Trend Micro ScanMail for Microsoft Exchange (SMEX), Trend Micro ServerProtect (SP), Trend Micro Mobile Security Enterprise (TMMS Enterprise) IMS 1.6.5, TMCM 7.0, OSCE XG, TMES 1.6, Trend Micro Security 2019, SMEX 14.0, SPNT 5.8/6.0, TMMS Enterprise 9.8
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved