CVE-2020-8607

An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
trendmicroCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
VendorProductVersion
trendmicroantivirus_toolkit
𝑥
< 1.62.1240
trendmicrodeep_security
9.6
trendmicrodeep_security
10.0
trendmicrodeep_security
11.0
trendmicrodeep_security
12.0
trendmicroofficescan_business_security
9.0
trendmicroofficescan_business_security
9.5
trendmicroofficescan_business_security
10.0:sp1
trendmicroofficescan_business_security_service
-
trendmicroofficescan_cloud
16.0
trendmicroonline_scan
8.0
trendmicroportable_security
2.0
trendmicroportable_security
3.0
trendmicrorootkit_buster
2.2
trendmicrosafe_lock
-
trendmicrosafe_lock
2.0:sp1
trendmicroserverprotect
5.8
trendmicroserverprotect
5.8
trendmicroserverprotect
5.8
trendmicroserverprotect
6.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://jvn.jp/en/vu/JVNVU99160193/index.html
https://jvn.jp/vu/JVNVU99160193/
https://success.trendmicro.com/jp/solution/000260748
https://success.trendmicro.com/solution/000260713
https://jvn.jp/en/vu/JVNVU99160193/index.html
https://jvn.jp/vu/JVNVU99160193/
https://success.trendmicro.com/jp/solution/000260748
https://success.trendmicro.com/solution/000260713