CVE-2020-27695

Severity CVSS v4.0:
Pending analysis
Type:
CWE-426 Untrusted Search Path
Publication date:
18/11/2020
Last modified:
01/12/2020

Description

Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a local directory which can lead to obtaining administrative privileges during the installation of the product.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:trendmicro:antivirus\+_security_2020:*:*:*:*:*:*:*:* 16.0 (including)
cpe:2.3:a:trendmicro:internet_security_2020:*:*:*:*:*:*:*:* 16.0 (including)
cpe:2.3:a:trendmicro:maximum_security_2020:*:*:*:*:*:*:*:* 16.0 (including)
cpe:2.3:a:trendmicro:premium_security_2020:*:*:*:*:*:*:*:* 16.0 (including)
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools