Input Validation Vulnerability in Trend Micro Rootkit Protection Driver
CVE-2020-8607

6.7MEDIUM

Key Information:

Vendor
Trend Micro
Status
Trend Micro Apex One
Trend Micro Officescan
Trend Micro Deep Security
Trend Micro Worry-free Business Security
Vendor
CVE Published:
5 August 2020

Summary

An input validation issue present in various Trend Micro products utilizing a specific version of the rootkit protection driver can potentially be exploited by an attacker with administrative privileges. This flaw allows unauthorized modification of kernel addresses, which may lead to system instability, crashes, or even execution of arbitrary code at the kernel level. The attacker must have already gained administrator access to the affected machine prior to exploitation, emphasizing the need for robust security measures to prevent initial unauthorized access.

Affected Version(s)

Trend Micro Anti-Threat Toolkit (ATTK) 1.62.1240 and below

Trend Micro Apex One 2019 (On premise), SaaS

Trend Micro Deep Security 12.x, 11.x. 10.x

References

https://success.trendmicro.com/solution/000260713
x_refsource_MISC
https://success.trendmicro.com/jp/solution/000260748
x_refsource_MISC
https://jvn.jp/vu/JVNVU99160193/
x_refsource_MISC

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.