Installer Package Vulnerability in Trend Micro Security 2020
CVE-2020-27696

7.8HIGH

Key Information:

Vendor: Trend Micro
Status: Trend Micro Security (consumer)
Vendor: CVE Published:; 18 November 2020

Summary

Trend Micro Security 2020 contains a vulnerability in the installer package, allowing attackers to exploit a specific Windows system directory. This misconfiguration could enable unauthorized users to gain administrative privileges during the product installation process, posing significant security risks. It is crucial for users to be aware of this vulnerability and apply recommended updates to mitigate potential exploitation.

Affected Version(s)

Trend Micro Security (Consumer) 2020 (v16)

References

https://helpcenter.trendmicro.com/en-us/article/TMKA-10036

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 18, 2020
Vulnerability Reserved
Oct 26, 2020