Vulnerabilities > Trendmicro > Antivirus

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2022-24671 Link Following vulnerability in Trendmicro Antivirus
A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their privileges.
local
low complexity
trendmicro CWE-59
7.8
2021-11-30 CVE-2021-43771 Unspecified vulnerability in Trendmicro Antivirus 11.0/11.0.2062/11.0.2150
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application.
local
low complexity
trendmicro
7.8
2021-04-22 CVE-2021-28648 Unspecified vulnerability in Trendmicro Antivirus 10.5/11.0
Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application.
local
low complexity
trendmicro
7.8
2021-02-04 CVE-2021-25227 Resource Exhaustion vulnerability in Trendmicro Antivirus
Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application.
local
low complexity
trendmicro CWE-400
3.3
2020-10-30 CVE-2020-27015 Information Exposure Through an Error Message vulnerability in Trendmicro Antivirus 2020
Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland.
local
low complexity
trendmicro CWE-209
4.4
2020-10-30 CVE-2020-27014 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Trendmicro Antivirus 2020
Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
local
high complexity
trendmicro CWE-367
6.4
2020-10-14 CVE-2020-27013 Unspecified vulnerability in Trendmicro Antivirus 2020
Trend Micro Antivirus for Mac 2020 (Consumer) contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and written to allowing the attacker to gather and modify sensitive product and user data.
local
low complexity
trendmicro
4.4
2020-10-14 CVE-2020-25778 Information Exposure Through an Error Message vulnerability in Trendmicro Antivirus 2019/2020
Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a specific kernel extension where an attacker could supply a kernel pointer and leak several bytes of memory.
local
low complexity
trendmicro CWE-209
6.0
2020-10-14 CVE-2020-25777 Unspecified vulnerability in Trendmicro Antivirus 2019/2020
Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threat Protection feature of the product.
network
low complexity
trendmicro
5.4
2020-10-13 CVE-2020-25779 Unspecified vulnerability in Trendmicro Antivirus 2020
Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the web threat protection feature.
local
low complexity
trendmicro
3.3