First published: Wed Aug 05 2020
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Antivirus Toolkit | <1.62.1240 | |
Trendmicro Apex One | =2019 | |
Trendmicro Apex One | =saas | |
Trendmicro Deep Security | =9.6 | |
Trendmicro Deep Security | =10.0 | |
Trendmicro Deep Security | =11.0 | |
Trendmicro Deep Security | =12.0 | |
Trendmicro Officescan | =xg-sp1 | |
Trendmicro Officescan Business Security | =9.0 | |
Trendmicro Officescan Business Security | =9.5 | |
Trendmicro Officescan Business Security | =10.0-sp1 | |
Trendmicro Officescan Business Security Service | | |
Trendmicro Officescan Cloud | =15 | |
Trendmicro Officescan Cloud | =16.0 | |
Trendmicro Online Scan | =8.0 | |
Trendmicro Portable Security | =2.0 | |
Trendmicro Portable Security | =3.0 | |
Trendmicro Rootkit Buster | =2.2 | |
Trendmicro Safe Lock | | |
Trendmicro Safe Lock | =2.0-sp1 | |
Trendmicro Serverprotect | =5.8 | |
Trendmicro Serverprotect | =6.0 | |
Microsoft Windows | | |
CVE-2020-8607 is an input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver.
CVE-2020-8607 has a severity rating of 6.7 (high).
Multiple Trend Micro products are affected by CVE-2020-8607, including Trendmicro Antivirus Toolkit, Trend Micro Apex One and Worry-Free Business Security, Trendmicro Deep Security, Trendmicro Officescan, Trendmicro Officescan Business Security, Trendmicro Officescan Business Security Service, Trendmicro Officescan Cloud, Trendmicro Online Scan, Trendmicro Portable Security, Trendmicro Rootkit Buster, Trendmicro Safe Lock, and Trendmicro Serverprotect.
The risk of CVE-2020-8607 is that an attacker in user-mode with administrator permissions could abuse a driver to modify a kernel address, potentially causing a system crash.
Trend Micro has released patches to address the vulnerability in the affected products. Please refer to the references for more information.