What is CVE-2023-28929?

CVE-2023-28929 is a DLL Hijacking vulnerability in Trend Micro Security 2021, 2022, and 2023 (Consumer) that could allow an attacker to execute a malicious program.

How severe is CVE-2023-28929?

CVE-2023-28929 has a severity rating of 7.8 (high).

Which software versions are affected by CVE-2023-28929?

Trend Micro Security 2021, 2022, and 2023 (Consumer) versions up to and including 17.7.1476 are affected by CVE-2023-28929.

Vulnerability/
CVE-2023-28929

high

7.8

CWE

427

26/6/2023

2/8/2024

CVE-2023-28929

Q: How can an attacker exploit CVE-2023-28929?

An attacker can exploit CVE-2023-28929 by using a specific executable file as an execution and/or persistence mechanism to execute a malicious program each time the executable file is started.

Q: How can I fix CVE-2023-28929?

To fix CVE-2023-28929, update Trend Micro Security 2021, 2022, and 2023 (Consumer) to version 17.7.1477 or later.

First published: Mon Jun 26 2023(Updated: )

Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started.

Credit: security@trendmicro.com

Affected Software	Affected Version	How to fix
Trendmicro Antivirus\+ Security 2021	<=17.0.1412
Trendmicro Internet Security 2021	<=17.0.1412
Trend Micro Maximum Security	<=17.0.1412
Trendmicro Premium Security 2021	<=17.0.1412
Microsoft Windows
Trendmicro Antivirus\+ Security 2022	<=17.7.1476
Trendmicro Internet Security 2022	<=17.7.1476
Trendmicro Maximum Security 2022	<=17.7.1476
Trendmicro Premium Security 2022	<=17.7.1476
Trendmicro Antivirus\+ Security 2023	<=17.7.1476
Trendmicro Internet Security 2023	<=17.7.1476
Trendmicro Maximum Security 2023	<=17.7.1476
Trendmicro Premium Security 2023	<=17.7.1476

Never miss a vulnerability like this again

Reference Links

https://helpcenter.trendmicro.com/en-us/article/tmka-19062

Frequently Asked Questions

What is CVE-2023-28929?
CVE-2023-28929 is a DLL Hijacking vulnerability in Trend Micro Security 2021, 2022, and 2023 (Consumer) that could allow an attacker to execute a malicious program.
How severe is CVE-2023-28929?
CVE-2023-28929 has a severity rating of 7.8 (high).
Which software versions are affected by CVE-2023-28929?
Trend Micro Security 2021, 2022, and 2023 (Consumer) versions up to and including 17.7.1476 are affected by CVE-2023-28929.
How can an attacker exploit CVE-2023-28929?
An attacker can exploit CVE-2023-28929 by using a specific executable file as an execution and/or persistence mechanism to execute a malicious program each time the executable file is started.
How can I fix CVE-2023-28929?
To fix CVE-2023-28929, update Trend Micro Security 2021, 2022, and 2023 (Consumer) to version 17.7.1477 or later.

collector/nvd-index
agent/author
agent/severity
agent/weakness
agent/references
agent/type
agent/event
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/trendmicro
canonical/trendmicro antivirus\+ security 2021
version/trendmicro antivirus\+ security 2021/17.0.1412
canonical/trendmicro internet security 2021
version/trendmicro internet security 2021/17.0.1412
canonical/trend micro maximum security
version/trend micro maximum security/17.0.1412
canonical/trendmicro premium security 2021
version/trendmicro premium security 2021/17.0.1412
vendor/microsoft
canonical/microsoft windows
canonical/trendmicro antivirus\+ security 2022
version/trendmicro antivirus\+ security 2022/17.7.1476
canonical/trendmicro internet security 2022
version/trendmicro internet security 2022/17.7.1476
canonical/trendmicro maximum security 2022
version/trendmicro maximum security 2022/17.7.1476
canonical/trendmicro premium security 2022
version/trendmicro premium security 2022/17.7.1476
canonical/trendmicro antivirus\+ security 2023
version/trendmicro antivirus\+ security 2023/17.7.1476
canonical/trendmicro internet security 2023
version/trendmicro internet security 2023/17.7.1476
canonical/trendmicro maximum security 2023
version/trendmicro maximum security 2023/17.7.1476
canonical/trendmicro premium security 2023
version/trendmicro premium security 2023/17.7.1476

CVE-2023-28929

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2023-28929?

How severe is CVE-2023-28929?

Which software versions are affected by CVE-2023-28929?

How can an attacker exploit CVE-2023-28929?

How can I fix CVE-2023-28929?

Company

Resources

Contact