Vulnerabilities > Trendmicro > Antivirus Security 2020 > High

DATE CVE VULNERABILITY TITLE RISK
2021-02-10 CVE-2021-25251 Code Injection vulnerability in Trendmicro products
The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and disable protection.
network
low complexity
trendmicro CWE-94
7.2
2020-11-18 CVE-2020-27697 Link Following vulnerability in Trendmicro products
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product.
local
low complexity
trendmicro CWE-59
7.8
2020-11-18 CVE-2020-27696 Unspecified vulnerability in Trendmicro products
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a specific Windows system directory which can lead to obtaining administrative privileges during the installation of the product.
local
low complexity
trendmicro
7.8
2020-11-18 CVE-2020-27695 Untrusted Search Path vulnerability in Trendmicro products
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a local directory which can lead to obtaining administrative privileges during the installation of the product.
local
low complexity
trendmicro CWE-426
7.8
2020-01-18 CVE-2019-20357 Unquoted Search Path or Element vulnerability in Trendmicro products
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.
local
low complexity
trendmicro CWE-428
7.8
2019-12-20 CVE-2019-19693 Link Following vulnerability in Trendmicro products
The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations.
local
low complexity
trendmicro CWE-59
7.1
2019-12-02 CVE-2019-15628 Untrusted Search Path vulnerability in Trendmicro products
Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism which could execute a malicious program each time the service is started.
local
low complexity
trendmicro CWE-426
7.8