Vulnerabilities > Trendmicro > Antivirus > 11.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2022-24671 | Link Following vulnerability in Trendmicro Antivirus A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their privileges. | 7.8 |
| 2021-11-30 | CVE-2021-43771 | Unspecified vulnerability in Trendmicro Antivirus 11.0/11.0.2062/11.0.2150 Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. | 7.8 |
| 2021-04-22 | CVE-2021-28648 | Unspecified vulnerability in Trendmicro Antivirus 10.5/11.0 Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. | 7.8 |
| 2021-02-04 | CVE-2021-25227 | Resource Exhaustion vulnerability in Trendmicro Antivirus Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. | 3.3 |
| 2018-05-25 | CVE-2018-6236 | Race Condition vulnerability in Trendmicro products A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver. | 7.0 |
| 2018-05-25 | CVE-2018-6235 | Out-of-bounds Write vulnerability in Trendmicro products An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. | 7.8 |
| 2018-05-25 | CVE-2018-6234 | Out-of-bounds Read vulnerability in Trendmicro products An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. | 5.5 |
| 2018-05-25 | CVE-2018-6233 | Classic Buffer Overflow vulnerability in Trendmicro products A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. | 7.8 |
| 2018-05-25 | CVE-2018-6232 | Classic Buffer Overflow vulnerability in Trendmicro products A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. | 7.8 |
| 2017-03-21 | CVE-2017-5565 | Uncontrolled Search Path Element vulnerability in Trendmicro products Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a "DoubleAgent" attack. | 6.7 |