DLL Hijacking Vulnerability in Trend Micro Security Products
CVE-2023-28929

7.8HIGH

Key Information:

Vendor: Trend Micro
Status: Trend Micro Security (consumer)
Vendor: CVE Published:; 26 June 2023

Summary

Trend Micro Security products from the years 2021 to 2023 are susceptible to a DLL Hijacking vulnerability that can enable attackers to exploit a specific executable file. This exploitation can lead to the execution of malicious programs whenever the compromised executable is launched, posing significant risks to users’ systems and data security.

Affected Version(s)

Trend Micro Security (Consumer) 2023 < 17.7.1634

References

https://helpcenter.trendmicro.com/en-us/article/tmka-19062

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 26, 2023
Vulnerability Reserved
Mar 27, 2023