Out-Of-Bounds Read Vulnerability in Trend Micro Security Products
CVE-2022-30702

5.5MEDIUM

Key Information:

Vendor: Trend Micro
Status: Trend Micro Security (consumer)
Vendor: CVE Published:; 9 June 2022

Summary

Trend Micro Security 2022 and 2021 products are susceptible to an Out-Of-Bounds Read Information Disclosure vulnerability. This flaw may enable an attacker to exploit the affected software, potentially leading to the revelation of sensitive information from the system. By manipulating the program's execution flow, an attacker can access unauthorized data, posing significant risks to data confidentiality and integrity.

Affected Version(s)

Trend Micro Security (Consumer) 2022 (17.7.1130 and below)

References

https://helpcenter.trendmicro.com/en-us/article/tmka-11022

x_refsource_MISC

https://www.zerodayinitiative.com/advisories/ZDI-22-800/

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 9, 2022
Vulnerability Reserved
May 13, 2022