Vulnerability Details CVE-2020-15603
An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v16.0.0.1302 and below) consumer family of products' driver could allow an attacker to manipulate the specific driver to do a system call operation with an invalid address, resulting in a potential system crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
Products affected by CVE-2020-15603
-
cpe:2.3:a:trendmicro:antivirus+_2020:16.0
-
cpe:2.3:a:trendmicro:antivirus+_2020:16.0.1146
-
cpe:2.3:a:trendmicro:antivirus+_2020:16.0.1302
-
cpe:2.3:a:trendmicro:internet_security_2020:16.0
-
cpe:2.3:a:trendmicro:internet_security_2020:16.0.1146
-
cpe:2.3:a:trendmicro:internet_security_2020:16.0.1221
-
cpe:2.3:a:trendmicro:internet_security_2020:16.0.1227
-
cpe:2.3:a:trendmicro:internet_security_2020:16.0.1249
-
cpe:2.3:a:trendmicro:internet_security_2020:16.0.1302
-
cpe:2.3:a:trendmicro:maximum_security_2020:16.0
-
cpe:2.3:a:trendmicro:maximum_security_2020:16.0.1146
-
cpe:2.3:a:trendmicro:maximum_security_2020:16.0.1221
-
cpe:2.3:a:trendmicro:maximum_security_2020:16.0.1227
-
cpe:2.3:a:trendmicro:maximum_security_2020:16.0.1302
-
cpe:2.3:a:trendmicro:premium_security_2020:16.0
-
cpe:2.3:a:trendmicro:premium_security_2020:16.0.1146
-
cpe:2.3:a:trendmicro:premium_security_2020:16.0.1221
-
cpe:2.3:a:trendmicro:premium_security_2020:16.0.1227
-
cpe:2.3:a:trendmicro:premium_security_2020:16.0.1249
-
cpe:2.3:a:trendmicro:premium_security_2020:16.0.1302
-
cpe:2.3:o:microsoft:windows:-