{"lastseen": "2020-04-01T20:40:46", "references": [], "description": "\nTrend Micro Maximum Security 2019 - Privilege Escalation", "edition": 1, "reporter": "hyp3rlinx", "exploitpack": {"type": "local", "platform": "windows"}, "published": "2020-01-17T00:00:00", "title": "Trend Micro Maximum Security 2019 - Privilege Escalation", "type": "exploitpack", "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-20357"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:155993"]}, {"type": "zdt", "idList": ["1337DAY-ID-33836"]}], "modified": "2020-04-01T20:40:46", "rev": 2}, "score": {"value": 4.2, "vector": "NONE", "modified": "2020-04-01T20:40:46", "rev": 2}, "vulnersScore": 4.2}, "bulletinFamily": "exploit", "cvelist": ["CVE-2019-20357"], "modified": "2020-01-17T00:00:00", "id": "EXPLOITPACK:62A8781FD9DF709DB65521E1D8B1BFAA", "href": "", "viewCount": 1, "sourceData": "# Exploit Title: Trend Micro Maximum Security 2019 - Privilege Escalation\n# Date: 2020-1-16\n# Exploit Author: hyp3rlinx\n# Vendor Homepage: www.trendmicro.com\n# Version: Platform Microsoft Windows, Premium Security 2019 (v15), Maximum Security 2019 (v15)\n# Internet Security 2019 (v15), Antivirus + Security 2019 (v15)\n\n[+] Credits: John Page (aka hyp3rlinx)\t\t\n[+] Website: hyp3rlinx.altervista.org\n[+] Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-PERSISTENT-ARBITRARY-CODE-EXECUTION.txt\n[+] twitter.com/hyp3rlinx\n[+] ISR: ApparitionSec \n \n\n[Vendor]\nwww.trendmicro.com\n\n\n[Product(s)]\nTrend Micro Security (Consumer) Multiple Products\n\n\nTrend Micro Security provides comprehensive protection for your devices.\nThis includes protection against ransomware, viruses, malware, spyware, and identity theft.\n\n\n[Vulnerability Type]\nPersistent Arbitrary Code Execution\n\n\n[CVE Reference]\nCVE-2019-20357\n\n\n[CVSSv3 Scores: 6.7]\n\n\n[Security Issue]\nTrend Micro Security can potentially allow an attackers to use a malicious program to escalate privileges\nto SYSTEM integrity and attain persistence on a vulnerable system.\n\n\n[Product Affected Versions]\nPlatform Microsoft Windows\n\nPremium Security 2019 (v15) and 2020 (v16)\n\nMaximum Security\n2019 (v15) and 2020 (v16)\n\nInternet Security\n2019 (v15) and 2020 (v16)\n\t\nAntivirus + Security\n2019 (v15) and 2020 (v16)\n\n\n[References]\nhttps://esupport.trendmicro.com/en-us/home/pages/technical-support/1124099.aspx\n\n[Exploit/POC]\nCompile C test code \"Program.c\"\n\nvoid main(void){\n puts(\"Done!\");\n system(\"pause\");\n}\n\n1) Place under c:\\ dir.\n2) Reboot the machine, the coreServiceShell.exe service loads and executes our binary with SYSTEM integrity.\n\n\n\n[Network Access]\nLocal\n\n\n[Severity]\nMedium\n\n\n\n[Disclosure Timeline]\nVendor Notification: October 8, 2019\nvendor advisory: January 15, 2020\nJanuary 16, 2020 : Public Disclosure\n\n\n\n[+] Disclaimer\nThe information contained within this advisory is supplied \"as-is\" with no warranties or guarantees of fitness of use or otherwise.\nPermission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and\nthat due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit\nis given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility\nfor any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information\nor exploits by the author or elsewhere. All content (c).\n\nhyp3rlinx", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}

{"cve": [{"lastseen": "2021-02-02T07:12:58", "description": "A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.", "edition": 7, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-18T00:15:00", "title": "CVE-2019-20357", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20357"], "modified": "2020-01-29T17:27:00", "cpe": ["cpe:/a:trendmicro:premium_security_2019:15.0", "cpe:/a:trendmicro:antivirus_\\+_security_2019:15.0", "cpe:/a:trendmicro:internet_security_2019:15.0", "cpe:/a:trendmicro:premium_security_2020:16.0", "cpe:/a:trendmicro:antivirus_\\+_security_2020:16.0", "cpe:/a:trendmicro:maximum_security_2019:15.0", "cpe:/a:trendmicro:internet_security_2020:16.0", "cpe:/a:trendmicro:maximum_security_2020:16.0"], "id": "CVE-2019-20357", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20357", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:trendmicro:maximum_security_2020:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:trendmicro:premium_security_2020:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:trendmicro:maximum_security_2019:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:trendmicro:internet_security_2019:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:trendmicro:antivirus_\\+_security_2020:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:trendmicro:internet_security_2020:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:trendmicro:antivirus_\\+_security_2019:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:trendmicro:premium_security_2019:15.0:*:*:*:*:*:*:*"]}], "packetstorm": [{"lastseen": "2020-01-17T23:02:30", "description": "", "published": "2020-01-17T00:00:00", "type": "packetstorm", "title": "Trend Micro Security (Consumer) Arbitrary Code Execution", "bulletinFamily": "exploit", "cvelist": ["CVE-2019-20357"], "modified": "2020-01-17T00:00:00", "id": "PACKETSTORM:155993", "href": "https://packetstormsecurity.com/files/155993/Trend-Micro-Security-Consumer-Arbitrary-Code-Execution.html", "sourceData": "`[+] Credits: John Page (aka hyp3rlinx) \n[+] Website: hyp3rlinx.altervista.org \n[+] Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-PERSISTENT-ARBITRARY-CODE-EXECUTION.txt \n[+] twitter.com/hyp3rlinx \n[+] ISR: ApparitionSec \n \n \n[Vendor] \nwww.trendmicro.com \n \n \n[Product(s)] \nTrend Micro Security (Consumer) Multiple Products \n \n \nTrend Micro Security provides comprehensive protection for your devices. \nThis includes protection against ransomware, viruses, malware, spyware, and identity theft. \n \n \n[Vulnerability Type] \nPersistent Arbitrary Code Execution \n \n \n[CVE Reference] \nCVE-2019-20357 \n \n \n[CVSSv3 Scores: 6.7] \n \n \n[Security Issue] \nTrend Micro Security can potentially allow an attackers to use a malicious program to escalate privileges \nto SYSTEM integrity and attain persistence on a vulnerable system. \n \n \n[Product Affected Versions] \nPlatform Microsoft Windows \n \nPremium Security 2019 (v15) and 2020 (v16) \n \nMaximum Security \n2019 (v15) and 2020 (v16) \n \nInternet Security \n2019 (v15) and 2020 (v16) \n \nAntivirus + Security \n2019 (v15) and 2020 (v16) \n \n \n[References] \nhttps://esupport.trendmicro.com/en-us/home/pages/technical-support/1124099.aspx \n \n[Exploit/POC] \nCompile C test code \"Program.c\" \n \nvoid main(void){ \nputs(\"Done!\"); \nsystem(\"pause\"); \n} \n \n1) Place under c:\\ dir. \n2) Reboot the machine, the coreServiceShell.exe service loads and executes our binary with SYSTEM integrity. \n \n \n \n[Network Access] \nLocal \n \n \n[Severity] \nMedium \n \n \n \n[Disclosure Timeline] \nVendor Notification: October 8, 2019 \nvendor advisory: January 15, 2020 \nJanuary 16, 2020 : Public Disclosure \n \n \n \n[+] Disclaimer \nThe information contained within this advisory is supplied \"as-is\" with no warranties or guarantees of fitness of use or otherwise. \nPermission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and \nthat due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit \nis given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility \nfor any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information \nor exploits by the author or elsewhere. All content (c). \n \nhyp3rlinx \n`\n", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://packetstormsecurity.com/files/download/155993/TREND-MICRO-SECURITY-CONSUMER-PERSISTENT-ARBITRARY-CODE-EXECUTION.txt"}], "zdt": [{"lastseen": "2020-01-19T23:04:56", "description": "Exploit for windows platform in category local exploits", "edition": 1, "published": "2020-01-17T00:00:00", "title": "Trend Micro Maximum Security 2019 - Privilege Escalation Vulnerability", "type": "zdt", "bulletinFamily": "exploit", "cvelist": ["CVE-2019-20357"], "modified": "2020-01-17T00:00:00", "id": "1337DAY-ID-33836", "href": "https://0day.today/exploit/description/33836", "sourceData": "# Exploit Title: Trend Micro Maximum Security 2019 - Privilege Escalation\r\n# Exploit Author: hyp3rlinx\r\n# Vendor Homepage: www.trendmicro.com\r\n# Version: Platform Microsoft Windows, Premium Security 2019 (v15), Maximum Security 2019 (v15)\r\n# Internet Security 2019 (v15), Antivirus + Security 2019 (v15)\r\n\r\n[+] Credits: John Page (aka hyp3rlinx)\t\t\r\n[+] Website: hyp3rlinx.altervista.org\r\n[+] Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-PERSISTENT-ARBITRARY-CODE-EXECUTION.txt\r\n[+] twitter.com/hyp3rlinx\r\n[+] ISR: ApparitionSec \r\n \r\n\r\n[Vendor]\r\nwww.trendmicro.com\r\n\r\n\r\n[Product(s)]\r\nTrend Micro Security (Consumer) Multiple Products\r\n\r\n\r\nTrend Micro Security provides comprehensive protection for your devices.\r\nThis includes protection against ransomware, viruses, malware, spyware, and identity theft.\r\n\r\n\r\n[Vulnerability Type]\r\nPersistent Arbitrary Code Execution\r\n\r\n\r\n[CVE Reference]\r\nCVE-2019-20357\r\n\r\n\r\n[CVSSv3 Scores: 6.7]\r\n\r\n\r\n[Security Issue]\r\nTrend Micro Security can potentially allow an attackers to use a malicious program to escalate privileges\r\nto SYSTEM integrity and attain persistence on a vulnerable system.\r\n\r\n\r\n[Product Affected Versions]\r\nPlatform Microsoft Windows\r\n\r\nPremium Security 2019 (v15) and 2020 (v16)\r\n\r\nMaximum Security\r\n2019 (v15) and 2020 (v16)\r\n\r\nInternet Security\r\n2019 (v15) and 2020 (v16)\r\n\t\r\nAntivirus + Security\r\n2019 (v15) and 2020 (v16)\r\n\r\n\r\n[References]\r\nhttps://esupport.trendmicro.com/en-us/home/pages/technical-support/1124099.aspx\r\n\r\n[Exploit/POC]\r\nCompile C test code \"Program.c\"\r\n\r\nvoid main(void){\r\n puts(\"Done!\");\r\n system(\"pause\");\r\n}\r\n\r\n1) Place under c:\\ dir.\r\n2) Reboot the machine, the coreServiceShell.exe service loads and executes our binary with SYSTEM integrity.\n\n# 0day.today [2020-01-19] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/33836"}]}