Out-Of-Bounds Read Vulnerability in Trend Micro Security Products
CVE-2022-35234

7.1HIGH

Key Information:

Vendor

Trend Micro
Status
Trend Micro Security(consumer)
Vendor
CVE Published:
30 July 2022

What is CVE-2022-35234?

Trend Micro Security 2021 and 2022 (Consumer) contains an Out-Of-Bounds Read vulnerability that enables attackers to potentially access sensitive data from non-allocated memory areas. This flaw might also lead to system instability, resulting in application crashes. The vulnerability poses a risk of unauthorized exposure of confidential information, necessitating prompt mitigation measures.

Affected Version(s)

Trend Micro Security(Consumer) 2022 (17.7.1383 and below)

References

https://helpcenter.trendmicro.com/en-us/article/tmka-11058
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-22-962/
x_refsource_MISC

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-35234 : Out-Of-Bounds Read Vulnerability in Trend Micro Security Products