Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2019-19694 |
CWE-ID | CWE-400 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Trend Micro Internet Security Client/Desktop applications / Antivirus software/Personal firewalls Premium Security Client/Desktop applications / Antivirus software/Personal firewalls Maximum Security Client/Desktop applications / Antivirus software/Personal firewalls Antivirus+ Security Client/Desktop applications / Antivirus software/Personal firewalls |
Vendor | Trend Micro |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU25346
Risk: Low
CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19694
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to uncontrolled resource consumption. A local attacker can trigger resource exhaustion, perform a denial of service (DoS) attack and disable vulnerable products.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTrend Micro Internet Security: 15
Premium Security: 15
Maximum Security: 15
Antivirus+ Security: 15
External linkshttp://jvn.jp/en/jp/JVN02921757/index.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.