CVE-2020-27695
Severity CVSS v4.0:
Pending analysis
Type:
CWE-426
Untrusted Search Path
Publication date:
18/11/2020
Last modified:
01/12/2020
Description
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a local directory which can lead to obtaining administrative privileges during the installation of the product.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
6.90
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:trendmicro:antivirus\+_security_2020:*:*:*:*:*:*:*:* | 16.0 (including) | |
cpe:2.3:a:trendmicro:internet_security_2020:*:*:*:*:*:*:*:* | 16.0 (including) | |
cpe:2.3:a:trendmicro:maximum_security_2020:*:*:*:*:*:*:*:* | 16.0 (including) | |
cpe:2.3:a:trendmicro:premium_security_2020:*:*:*:*:*:*:*:* | 16.0 (including) | |
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page