CVE-2018-3608

EUVD-2018-15462
A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
Affected Products (NVD)
VendorProductVersion
trendmicroantivirus_\+_security
𝑥
≤ 12.0.1191
trendmicrointernet_security
𝑥
≤ 12.0.1191
trendmicromaximum_security
𝑥
≤ 12.0.1191
trendmicropremium_security
𝑥
≤ 12.0.1191
trendmicroofficescan
11.0
trendmicroofficescan
12.0
trendmicroofficescan_monthly
11.0
trendmicroofficescan_monthly
12.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://esupport.trendmicro.com/support/vb/solution/ja-jp/1120144.aspx
https://esupport.trendmicro.com/en-US/home/pages/technical-support/1120237.aspx
http://esupport.trendmicro.com/support/vb/solution/ja-jp/1120144.aspx
https://esupport.trendmicro.com/en-US/home/pages/technical-support/1120237.aspx