Maximum Security 2019 Security Vulnerabilities and Issues — Maximum Security 2019 CVE List

TrendmicroMaximum Security 2019

8 matches found

CVE•added 2020/01/17 11:45 p.m.•211 views

CVE-2019-19697

CVE-2019-19697 affects Trend Micro Security 2019 (Consumer) family (v15). Documents describe an arbitrary code execution via security bypass of protected services (Protected Service Tampering), enabling an attacker with administrator privileges to tamper with and potentially take over services ru...

7.2CVSS6.9AI score0.00818EPSS

CVE•added 2020/01/17 11:45 p.m.•209 views

CVE-2019-20357

The connected records confirm CVE-2019-20357 is a Persistent Arbitrary Code Execution vulnerability in the Trend Micro Security (Consumer) line, specifically affecting the 2020 (v160) and 2019 (v15) consumer products. The vulnerability is described as allowing an attacker to create a malicious pr...

7.8CVSS7.7AI score0.00732EPSS

CVE•added 2020/02/20 10:50 p.m.•98 views

CVE-2019-19694

The CVE affects Trend Micro Security 2019 for Windows (15.0.0.1163 and below). A DoS can be triggered by a malicious actor who manipulates a key file at a specific moment during system startup, potentially disabling the product’s malware protection functions or the entire product. Marketed as a l...

4.7CVSS4.8AI score0.00365EPSS

CVE•added 2020/09/24 1:50 a.m.•61 views

CVE-2020-15604

CVE-2020-15604 affects Trend Micro Security 2019 (v15) products in the Active Update path. The issue is an incomplete SSL server certificate validation vulnerability (CWE-295) and, separately, that update files are not properly verified (CWE-494). Exploitation could occur by tricking affected cli...

7.5CVSS7.5AI score0.01618EPSS

CVE•added 2020/09/24 1:50 a.m.•56 views

CVE-2020-24560

The connected Red Hat, NVD, JVN and related records identify CVE-2020-24560 as an incomplete SSL server certificate validation vulnerability in Trend Micro Security 2019 (v15) consumer products. The issue arises in the update channel: an attacker could leverage improper server certificate verific...

7.5CVSS7.4AI score0.01772EPSS

CVE•added 2021/09/06 11:37 a.m.•56 views

CVE-2021-36744

CVE-2021-36744: A directory junction vulnerability exists in Trend Micro Maximum Security/consumer components (as discussed in ZDI advisory) that allows a local attacker with low privileges to create a directory junction via the Maximum Security Agent, enabling denial-of-service by deleting a fil...

7.8CVSS7.6AI score0.00456EPSS

CVE•added 2019/08/21 7:41 p.m.•47 views

CVE-2019-14685

CVE-2019-14685 describes a local privilege escalation in Trend Micro Security 2019 (v15.0) where an attacker could manipulate a specific product feature to load a malicious service. The available connected documents confirm the vulnerability class (local privilege escalation) and affected product...

7.8CVSS8.1AI score0.00594EPSS

CVE•added 2019/08/21 7:42 p.m.•39 views

CVE-2019-14686

Trend Micro 2019 consumer family (Folder Shield v15) and Trend Micro Ransom Buster 1.0 are affected by a DLL hijacking vulnerability that could allow loading a malicious DLL to achieve elevated privileges. Root cause: insecure DLL loading in the Folder Shield component and Ransom Buster. Exploita...

7.8CVSS7.5AI score0.01201EPSS