CVE-2018-3608

A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
trendmicroCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
trendmicroantivirus_\+_security
𝑥
≤ 12.0.1191
trendmicrointernet_security
𝑥
≤ 12.0.1191
trendmicromaximum_security
𝑥
≤ 12.0.1191
trendmicropremium_security
𝑥
≤ 12.0.1191
trendmicroofficescan
11.0
trendmicroofficescan
12.0
trendmicroofficescan_monthly
11.0
trendmicroofficescan_monthly
12.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://esupport.trendmicro.com/support/vb/solution/ja-jp/1120144.aspx
https://esupport.trendmicro.com/en-US/home/pages/technical-support/1120237.aspx
http://esupport.trendmicro.com/support/vb/solution/ja-jp/1120144.aspx
https://esupport.trendmicro.com/en-US/home/pages/technical-support/1120237.aspx