CVE-2019-9492

EPSS 0.6%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

26 Jul 2019Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. The attacker must have already gained authentication and have local access to the vulnerable system.

Affected products

Trend Micro · Trend Micro OfficeScan

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://success.trendmicro.com/solution/1123045 https://www.nsslabs.com/blog-posts/2019/7/24/your-advanced-endpoint-protection-aep-product-protects-your-computer-but-can-it-protect-itself