Race Condition in Trend Micro Antivirus for Mac 2020 Web Threat Protection
CVE-2020-27014

6.4MEDIUM

Key Information:

Vendor: Trend Micro
Status: Trend Micro Antivirus For Mac (consumer)
Vendor: CVE Published:; 30 October 2020

Summary

The Web Threat Protection Blocklist component of Trend Micro Antivirus for Mac 2020 is affected by a race condition vulnerability. This flaw can be exploited by attackers who have already gained high-privileged code execution access to the target system. Successfully exploiting this vulnerability may lead to a kernel panic or crash, resulting in service disruption and affecting system stability. It is crucial for users of Trend Micro Antivirus for Mac 2020 to stay informed about this issue and apply any available security updates provided by the vendor.

Affected Version(s)

Trend Micro Antivirus for Mac (Consumer) 2020 (v10.x) and below

References

https://helpcenter.trendmicro.com/en-us/article/TMKA-09974

x_refsource_MISC

https://www.zerodayinitiative.com/advisories/ZDI-20-1285/

x_refsource_MISC

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 30, 2020
Vulnerability Reserved
Oct 12, 2020