Trendmicro: >> Endpoint Sensor Security Vulnerabilities
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run.
CVSS Score
7.0
EPSS Score
0.004
Published
2020-02-20
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.
CVSS Score
7.0
EPSS Score
0.004
Published
2018-02-16
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208.
CVSS Score
7.8
EPSS Score
0.013
Published
2017-03-10