CVE-2020-8607
Summary
| CVE | CVE-2020-8607 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-08-05 14:15:00 UTC |
| Updated | 2020-08-11 15:02:00 UTC |
| Description | An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows | - | All | All | All |
| Operating System | Microsoft | Windows | - | All | All | All |
| Application | Trendmicro | Antivirus Toolkit | All | All | All | All |
| Application | Trendmicro | Antivirus Toolkit | All | All | All | All |
| Application | Trendmicro | Apex One | 2019 | All | All | All |
| Application | Trendmicro | Apex One | saas | All | All | All |
| Application | Trendmicro | Apex One | 2019 | All | All | All |
| Application | Trendmicro | Apex One | saas | All | All | All |
| Application | Trendmicro | Deep Security | 10.0 | All | All | All |
| Application | Trendmicro | Deep Security | 11.0 | All | All | All |
| Application | Trendmicro | Deep Security | 12.0 | All | All | All |
| Application | Trendmicro | Deep Security | 9.6 | All | All | All |
| Application | Trendmicro | Deep Security | 10.0 | All | All | All |
| Application | Trendmicro | Deep Security | 11.0 | All | All | All |
| Application | Trendmicro | Deep Security | 12.0 | All | All | All |
| Application | Trendmicro | Deep Security | 9.6 | All | All | All |
| Application | Trendmicro | Officescan | xg | sp1 | All | All |
| Application | Trendmicro | Officescan | xg | sp1 | All | All |
| Application | Trendmicro | Officescan Business Security | 10.0 | sp1 | All | All |
| Application | Trendmicro | Officescan Business Security | 9.0 | All | All | All |
| Application | Trendmicro | Officescan Business Security | 9.5 | All | All | All |
| Application | Trendmicro | Officescan Business Security | 10.0 | sp1 | All | All |
| Application | Trendmicro | Officescan Business Security | 9.0 | All | All | All |
| Application | Trendmicro | Officescan Business Security | 9.5 | All | All | All |
| Application | Trendmicro | Officescan Business Security Service | - | All | All | All |
| Application | Trendmicro | Officescan Business Security Service | - | All | All | All |
| Application | Trendmicro | Officescan Cloud | 15 | All | All | All |
| Application | Trendmicro | Officescan Cloud | 16.0 | All | All | All |
| Application | Trendmicro | Officescan Cloud | 15 | All | All | All |
| Application | Trendmicro | Officescan Cloud | 16.0 | All | All | All |
| Application | Trendmicro | Online Scan | 8.0 | All | All | All |
| Application | Trendmicro | Online Scan | 8.0 | All | All | All |
| Application | Trendmicro | Portable Security | 2.0 | All | All | All |
| Application | Trendmicro | Portable Security | 3.0 | All | All | All |
| Application | Trendmicro | Portable Security | 2.0 | All | All | All |
| Application | Trendmicro | Portable Security | 3.0 | All | All | All |
| Application | Trendmicro | Rootkit Buster | 2.2 | All | All | All |
| Application | Trendmicro | Rootkit Buster | 2.2 | All | All | All |
| Application | Trendmicro | Safe Lock | - | All | All | All |
| Application | Trendmicro | Safe Lock | 2.0 | sp1 | All | All |
| Application | Trendmicro | Safe Lock | - | All | All | All |
| Application | Trendmicro | Safe Lock | 2.0 | sp1 | All | All |
| Application | Trendmicro | Serverprotect | 5.8 | All | All | All |
| Application | Trendmicro | Serverprotect | 5.8 | All | All | All |
| Application | Trendmicro | Serverprotect | 5.8 | All | All | All |
| Application | Trendmicro | Serverprotect | 6.0 | All | All | All |
| Application | Trendmicro | Serverprotect | 5.8 | All | All | All |
| Application | Trendmicro | Serverprotect | 5.8 | All | All | All |
| Application | Trendmicro | Serverprotect | 5.8 | All | All | All |
| Application | Trendmicro | Serverprotect | 6.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SECURITY BULLETIN: Input Validation Vulnerability in Trend Micro Rootkit Driver (Multiple Products) | N/A | success.trendmicro.com | Patch, Vendor Advisory |
| JVNVU#99160193: Trend Micro anti-rootkit driver improperly validates inputs | N/A | jvn.jp | Third Party Advisory |
| Q&A | Trend Micro Business Support | N/A | success.trendmicro.com | Vendor Advisory |
| JVNVU#99160193: トレンドマイクロ社のルートキット対策ドライバに入力値検証不備の脆弱性 | N/A | jvn.jp | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.