Vulnerabilities > Trendmicro > Antivirus > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2022-24671 Link Following vulnerability in Trendmicro Antivirus
A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their privileges.
local
low complexity
trendmicro CWE-59
7.8
2021-11-30 CVE-2021-43771 Unspecified vulnerability in Trendmicro Antivirus 11.0/11.0.2062/11.0.2150
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application.
local
low complexity
trendmicro
7.8
2021-04-22 CVE-2021-28648 Unspecified vulnerability in Trendmicro Antivirus 10.5/11.0
Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application.
local
low complexity
trendmicro
7.8
2020-10-02 CVE-2020-25776 Link Following vulnerability in Trendmicro Antivirus 2019/2020
Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges.
local
low complexity
trendmicro CWE-59
7.8
2019-12-24 CVE-2019-19695 Link Following vulnerability in Trendmicro Antivirus 9.0/9.0.1379
A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it.
network
low complexity
trendmicro CWE-59
7.5
2018-05-25 CVE-2018-6236 Race Condition vulnerability in Trendmicro products
A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver.
local
high complexity
trendmicro CWE-362
7.0
2018-05-25 CVE-2018-6235 Out-of-bounds Write vulnerability in Trendmicro products
An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-787
7.8
2018-05-25 CVE-2018-6233 Classic Buffer Overflow vulnerability in Trendmicro products
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-120
7.8
2018-05-25 CVE-2018-6232 Classic Buffer Overflow vulnerability in Trendmicro products
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-120
7.8