CVE-2019-14687
First published: Tue Aug 20 2019(Updated: )
A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14684.
Credit: security@trendmicro.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trendmicro Password Manager | =5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-14687?
CVE-2019-14687 is considered a high severity vulnerability due to the potential exploitation allowing unauthorized DLL loading.
How do I fix CVE-2019-14687?
To mitigate CVE-2019-14687, users should update Trend Micro Password Manager to the latest version provided by the vendor.
What systems are affected by CVE-2019-14687?
CVE-2019-14687 specifically affects Trend Micro Password Manager version 5.0.
Can CVE-2019-14687 be exploited remotely?
CVE-2019-14687 requires local access to exploit, indicating that remote exploitation is not possible.
What impact does CVE-2019-14687 have on user security?
Exploitation of CVE-2019-14687 could lead to unauthorized access to sensitive user data by loading malicious DLLs.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/references
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- vendor/trendmicro
- canonical/trendmicro password manager
- version/trendmicro password manager/5.0