CVE-2019-9491 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 95%

Affected Products (NVD)

Vendor	Product	Version
trendmicro	anti-threat_toolkit	𝑥 ≤ 1.62.0.1218

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-427 - Uncontrolled Search Path Element
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

References

http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-%28ATTK%29-REMOTE-CODE-EXECUTION.txt

http://packetstormsecurity.com/files/156160/TrendMicro-Anti-Threat-Toolkit-Improper-Fix.html

http://seclists.org/fulldisclosure/2019/Oct/42

http://seclists.org/fulldisclosure/2020/Jan/50

https://seclists.org/bugtraq/2019/Oct/30

https://seclists.org/bugtraq/2020/Jan/55

https://success.trendmicro.com/solution/000149878

http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-%28ATTK%29-REMOTE-CODE-EXECUTION.txt

http://packetstormsecurity.com/files/156160/TrendMicro-Anti-Threat-Toolkit-Improper-Fix.html

http://seclists.org/fulldisclosure/2019/Oct/42

http://seclists.org/fulldisclosure/2020/Jan/50

https://seclists.org/bugtraq/2019/Oct/30

https://seclists.org/bugtraq/2020/Jan/55

https://success.trendmicro.com/solution/000149878