CVE-2024-41183

EUVD-2024-38965
Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
Affected Products (NVD)
VendorProductVersion
trendmicrovpn
𝑥
< 5.8.1030
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
trend_micro_incvpn_consumer
5.8 ≤
𝑥
< 5.8.1030
ADP
Common Weakness Enumeration
References
https://helpcenter.trendmicro.com/en-us/article/tmka-14460
https://www.zerodayinitiative.com/advisories/ZDI-24-1022/
https://www.zerodayinitiative.com/advisories/ZDI-24-1023/