An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: trendmicro
Published: 2020-08-05T14:05:23
Updated: 2024-08-04T10:03:46.363Z
Reserved: 2020-02-04T00:00:00
Link: CVE-2020-8607
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-08-05T14:15:13.530
Modified: 2024-11-21T05:39:07.050
Link: CVE-2020-8607
Redhat
No data.