First published: Fri May 25 2018(Updated: )
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trend Micro Maximum Security | <=12.0 | |
Trendmicro Internet Security | <=12.0 | |
Trendmicro Maximum Security | <=12.0 | |
Trendmicro Premium Security | <=12.0 | |
Microsoft Windows | ||
Trend Micro Maximum Security |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-6232 is a vulnerability in Trend Micro Maximum Security that allows local attackers to escalate privileges on vulnerable installations.
CVE-2018-6232 has a severity rating of 7.8 (out of 10).
Trend Micro Maximum Security versions up to and including 12.0 are affected by CVE-2018-6232.
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit CVE-2018-6232.
No, Microsoft Windows is not vulnerable to CVE-2018-6232.