CVE-2019-15628

EPSS 0.5%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

02 Dec 2019Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism which could execute a malicious program each time the service is started.

Affected products

Trend Micro · Trend Micro Security (Consumer)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124011.aspx https://safebreach.com/Post/Trend-Micro-Security-16-DLL-Search-Order-Hijacking-and-Potential-Abuses-CVE-2019-15628