CVE-2019-14686

A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to load a malicious DLL, leading to elevated privileges.

Published: Aug 21, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-14686
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-427

Affected Software
References

Software	From	Fixed in
trendmicro / antivirus_+_security_2019	15.0	15.0.x
trendmicro / internet_security_2019	15.0	15.0.x
trendmicro / maximum_security_2019	15.0	15.0.x
trendmicro / premium_security_2019	15.0	15.0.x
trendmicro / ransom_buster	1.0	1.0.x

https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123421.aspx

Vulnerability Database

289,871

CVE-2019-14686