CVE-2020-15602 - OpenCVE

An untrusted search path remote code execution (RCE) vulnerability in the Trend Micro Secuity 2020 (v16.0.0.1146 and below) consumer family of products could allow an attacker to run arbitrary code on a vulnerable system. As the Trend Micro installer tries to load DLL files from its current directory, an arbitrary DLL could also be loaded with the same privileges as the installer if run as Administrator. User interaction is required to exploit the vulnerbaility in that the target must open a malicious directory or device.

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Trendmicro	Premium Security 2020 Internet Security 2020 Antivirus\+ 2020 Maximum Security 2020
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:trendmicro:antivirus\+_2020::::::::
	cpe:2.3:a:trendmicro:internet_security_2020::::::::
	cpe:2.3:a:trendmicro:maximum_security_2020::::::::
	cpe:2.3:a:trendmicro:premium_security_2020::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
https://helpcenter.trendmicro.com/en-us/article/TMKA-09644	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: trendmicro

Published: 2020-07-15T19:15:15

Updated: 2020-07-15T19:15:15

Reserved: 2020-07-07T00:00:00

Link: CVE-2020-15602

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-07-15T20:15:13.443

Modified: 2020-07-22T17:48:49.477

Link: CVE-2020-15602

JSON object: View

Redhat Information

No data.

CWE

CWE-426

{"containers": {"cna": {"affected": [{"product": "Trend Micro Security (Consumer)", "vendor": "Trend Micro", "versions": [{"status": "affected", "version": "2020 (v16)"}]}], "descriptions": [{"lang": "en", "value": "An untrusted search path remote code execution (RCE) vulnerability in the Trend Micro Secuity 2020 (v16.0.0.1146 and below) consumer family of products could allow an attacker to run arbitrary code on a vulnerable system. As the Trend Micro installer tries to load DLL files from its current directory, an arbitrary DLL could also be loaded with the same privileges as the installer if run as Administrator. User interaction is required to exploit the vulnerbaility in that the target must open a malicious directory or device."}], "problemTypes": [{"descriptions": [{"description": "Untrusted Search Patch RCE", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-07-15T19:15:15", "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "shortName": "trendmicro"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-09644"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@trendmicro.com", "ID": "CVE-2020-15602", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Trend Micro Security (Consumer)", "version": {"version_data": [{"version_value": "2020 (v16)"}]}}]}, "vendor_name": "Trend Micro"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An untrusted search path remote code execution (RCE) vulnerability in the Trend Micro Secuity 2020 (v16.0.0.1146 and below) consumer family of products could allow an attacker to run arbitrary code on a vulnerable system. As the Trend Micro installer tries to load DLL files from its current directory, an arbitrary DLL could also be loaded with the same privileges as the installer if run as Administrator. User interaction is required to exploit the vulnerbaility in that the target must open a malicious directory or device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Untrusted Search Patch RCE"}]}]}, "references": {"reference_data": [{"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-09644", "refsource": "MISC", "url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-09644"}]}}}}, "cveMetadata": {"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "assignerShortName": "trendmicro", "cveId": "CVE-2020-15602", "datePublished": "2020-07-15T19:15:15", "dateReserved": "2020-07-07T00:00:00", "dateUpdated": "2020-07-15T19:15:15", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:antivirus\\+_2020:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6E864EE-378E-49C3-86A2-865184804BC6", "versionEndIncluding": "16.0.1146", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:internet_security_2020:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CDD7881-141F-4134-911D-8806E67751AA", "versionEndIncluding": "16.0.1146", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:maximum_security_2020:*:*:*:*:*:*:*:*", "matchCriteriaId": "D029A529-3679-4083-8E26-0ABE5D7D98C8", "versionEndIncluding": "16.0.1146", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:premium_security_2020:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BCDB8EF-9442-4C29-A59E-F9170E675EA5", "versionEndIncluding": "16.0.1146", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An untrusted search path remote code execution (RCE) vulnerability in the Trend Micro Secuity 2020 (v16.0.0.1146 and below) consumer family of products could allow an attacker to run arbitrary code on a vulnerable system. As the Trend Micro installer tries to load DLL files from its current directory, an arbitrary DLL could also be loaded with the same privileges as the installer if run as Administrator. User interaction is required to exploit the vulnerbaility in that the target must open a malicious directory or device."}, {"lang": "es", "value": "Una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota de ruta de b\u00fasqueda no confiable (RCE) en la familia de productos de consumo Trend Micro Secuity 2020 (versiones v16.0.0.1146 y posteriores), podr\u00eda permitir a un atacante ejecutar c\u00f3digo arbitrario en un sistema vulnerable. A medida que el instalador de Trend Micro intenta cargar archivos DLL desde su directorio actual, una DLL arbitraria tambi\u00e9n podr\u00eda ser cargada con los mismos privilegios que el instalador si se ejecuta como Administrador. Se requiere una interacci\u00f3n del usuario para explotar la vulnerabilidad en el sentido de que el objetivo debe abrir un directorio o dispositivo malicioso"}], "id": "CVE-2020-15602", "lastModified": "2020-07-22T17:48:49.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-07-15T20:15:13.443", "references": [{"source": "security@trendmicro.com", "tags": ["Vendor Advisory"], "url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-09644"}], "sourceIdentifier": "security@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "nvd@nist.gov", "type": "Primary"}]}