CVE-2020-8607

An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.

Published: Aug 5, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-8607
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.7
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
trendmicro / antivirus_toolkit	-	1.62.1240
trendmicro / apex_one	2019	2019.x
trendmicro / apex_one	saas	saas.x
trendmicro / deep_security	9.6	9.6.x
trendmicro / deep_security	10.0	10.0.x
trendmicro / deep_security	11.0	11.0.x
trendmicro / deep_security	12.0	12.0.x
trendmicro / officescan	xg-sp1	xg-sp1.x
trendmicro / officescan_business_security	9.0	9.0.x
trendmicro / officescan_business_security	9.5	9.5.x
trendmicro / officescan_business_security	10.0-sp1	10.0-sp1.x
trendmicro / officescan_cloud	15	15.x
trendmicro / officescan_cloud	16.0	16.0.x
trendmicro / online_scan	8.0	8.0.x
trendmicro / portable_security	2.0	2.0.x
trendmicro / portable_security	3.0	3.0.x
trendmicro / rootkit_buster	2.2	2.2.x
trendmicro / safe_lock	2.0-sp1	2.0-sp1.x
trendmicro / serverprotect	5.8	5.8.x
trendmicro / serverprotect	6.0	6.0.x

Vulnerability Database

289,697

CVE-2020-8607