Vulnerability Details CVE-2018-18333
A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.3%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121932.aspx
- https://gaissecurity.com/yazi/discovery-of-dll-hijack-on-trend-micro-antivirusplus-cve-2018-18333
- https://kaganisildak.com/2019/01/17/discovery-of-dll-hijack-on-trend-micro-antivirus-cve-2018-18333/
- https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121932.aspx
- https://gaissecurity.com/yazi/discovery-of-dll-hijack-on-trend-micro-antivirusplus-cve-2018-18333
- https://kaganisildak.com/2019/01/17/discovery-of-dll-hijack-on-trend-micro-antivirus-cve-2018-18333/
Products affected by CVE-2018-18333
-
cpe:2.3:a:trendmicro:antivirus_+_security:12.0
-
cpe:2.3:a:trendmicro:antivirus_+_security:12.0.1191
-
cpe:2.3:a:trendmicro:antivirus_+_security:15.0
-
cpe:2.3:a:trendmicro:internet_security:10.0
-
cpe:2.3:a:trendmicro:internet_security:11.0
-
cpe:2.3:a:trendmicro:internet_security:11.1.1005
-
cpe:2.3:a:trendmicro:internet_security:12.0
-
cpe:2.3:a:trendmicro:internet_security:12.0.1191
-
cpe:2.3:a:trendmicro:internet_security:15.0
-
cpe:2.3:a:trendmicro:internet_security:8.0
-
cpe:2.3:a:trendmicro:maximum_security:11.0
-
cpe:2.3:a:trendmicro:maximum_security:11.1.1005
-
cpe:2.3:a:trendmicro:maximum_security:12.0
-
cpe:2.3:a:trendmicro:maximum_security:12.0.1191
-
cpe:2.3:a:trendmicro:maximum_security:15.0
-
cpe:2.3:a:trendmicro:premium_security:11.0
-
cpe:2.3:a:trendmicro:premium_security:11.1.1005
-
cpe:2.3:a:trendmicro:premium_security:12.0
-
cpe:2.3:a:trendmicro:premium_security:12.0.1191
-
cpe:2.3:a:trendmicro:premium_security:15.0
-
cpe:2.3:o:microsoft:windows:-