Two vulnerabilities in Trend Micro Internet Security
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | N/A |
| CWE-ID | CWE-476 CWE-362 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Trend Micro Internet Security Client/Desktop applications / Antivirus software/Personal firewalls |
| Vendor | Trend Micro |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Null pointer dereference
EUVDB-ID: #VU7209
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition on the target system.
The weakness exists due to a pointer dereference error in 'tmusa.sys' in processing IOCTL 0x00222813. A local attacker can run a specially crafted application and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 11.1.1045.
Vulnerable software versionsTrend Micro Internet Security: 11
External linkshttp://success.trendmicro.com/solution/1117509
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Race condition
EUVDB-ID: #VU7210
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a race condition in 'tmusa.sys' in processing IOCTL 0x222813. A local attacker can run a specially crafted application to modify a field used by the kernel and gain system privileges.
Successful exploitation of the vulnerability results in privilege escalation.
Update to version 11.1.1045.
Vulnerable software versionsTrend Micro Internet Security: 11
External linkshttp://success.trendmicro.com/solution/1117509
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
