Maximum Security 2022
Monthly
Trend Micro Security 17.8 for consumer platforms contains a local privilege escalation vulnerability via improper symlink handling (CWE-64: Improper Link Resolution Before File Access) that allows a local attacker with limited privileges to delete or modify critical Trend Micro system files without user interaction. The vulnerability affects Trend Micro Security 17.8 specifically and carries a CVSS 3.1 score of 7.8 (High) with local attack vector; KEV status, EPSS score, and active exploitation data are not provided in available sources, limiting real-world risk quantification.
Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits insecure link following to allow a low-privileged local attacker to delete privileged Trend Micro files, potentially compromising the security product's integrity. With a CVSS score of 7.8 and low attack complexity (AC:L), this vulnerability poses a significant risk to consumer systems where privilege escalation could disable or corrupt critical security components. No active exploitation (KEV status) or public POC has been reported at this time, but the low barrier to exploitation (local access with low privileges required) warrants prompt patching.
Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits improper link following (symlink/junction attack) to allow a low-privileged local attacker to delete privileged Trend Micro system files without user interaction. This vulnerability carries a CVSS 7.8 high severity rating due to high impact on confidentiality, integrity, and availability; however, real-world exploitability depends on KEV status, EPSS probability data, and proof-of-concept availability, which are not provided in the available intelligence.
Trend Micro Security 17.8 for consumer platforms contains a local privilege escalation vulnerability via improper symlink handling (CWE-64: Improper Link Resolution Before File Access) that allows a local attacker with limited privileges to delete or modify critical Trend Micro system files without user interaction. The vulnerability affects Trend Micro Security 17.8 specifically and carries a CVSS 3.1 score of 7.8 (High) with local attack vector; KEV status, EPSS score, and active exploitation data are not provided in available sources, limiting real-world risk quantification.
Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits insecure link following to allow a low-privileged local attacker to delete privileged Trend Micro files, potentially compromising the security product's integrity. With a CVSS score of 7.8 and low attack complexity (AC:L), this vulnerability poses a significant risk to consumer systems where privilege escalation could disable or corrupt critical security components. No active exploitation (KEV status) or public POC has been reported at this time, but the low barrier to exploitation (local access with low privileges required) warrants prompt patching.
Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits improper link following (symlink/junction attack) to allow a low-privileged local attacker to delete privileged Trend Micro system files without user interaction. This vulnerability carries a CVSS 7.8 high severity rating due to high impact on confidentiality, integrity, and availability; however, real-world exploitability depends on KEV status, EPSS probability data, and proof-of-concept availability, which are not provided in the available intelligence.