CVE-2020-8607

Summary

An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Trend MicroTrend Micro Apex One2019 (On premise), SaaSaffected
Trend MicroTrend Micro OfficeScanXG SP1affected
Trend MicroTrend Micro Deep Security12.x, 11.x. 10.xaffected
Trend MicroTrend Micro Worry-Free Business Security10.0 SP1, Services (SaaS)affected
Trend MicroTrend Micro Security (Consumer Family)2020 (v16), 2019 (v15)affected
Trend MicroTrend Micro Safe Lock2.0 SP1, TXOne Edaffected
Trend MicroTrend Micro ServerProtectSPFS 6.0, SPNAF 5.8, SPEMC 5.8, SPNT 5.8affected
Trend MicroTrend Micro Portable Security3.x, 2.xaffected
Trend MicroTrend Micro HouseCall8.0affected
Trend MicroTrend Micro Anti-Threat Toolkit (ATTK)1.62.1240 and belowaffected
Trend MicroTrend Micro Rootkit Buster2.2affected

Weaknesses

  • Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References