Main Vulnerability Database SB2024090613

SB2024090613 - Security restrictions bypass in Trend Micro Antivirus One

Published: September 6, 2024

Security Bulletin ID SB2024090613

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-45334)

The vulnerability allows a local user to alter antivirus configuration.

The vulnerability exists due to improperly imposed security restrictions, which allow an arbitrary configuration update. A local user can alter the Safety Server configuration and potentially compromise the affected system.

Remediation

Install update from vendor's website.

References

https://helpcenter.trendmicro.com/en-us/article/TMKA-14461