CVE-2019-14687 (GCVE-0-2019-14687)

Vulnerability from cvelistv5 – Published: 2019-08-20 13:30 – Updated: 2024-08-05 00:26
VLAI?
Summary
A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14684.
Severity ?
No CVSS data available.
CWE
  • DLL Hijacking
Assigner
References
Impacted products
Vendor Product Version
Trend Micro Trend Micro Password Manager Affected: 2019 (5.0)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:26:37.484Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://medium.com/%40infiniti_css/fa839acaad59"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Password Manager",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2019 (5.0)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service\u0027s process. This process is very similar, yet not identical to CVE-2019-14684."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DLL Hijacking",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-20T13:30:51",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://medium.com/%40infiniti_css/fa839acaad59"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2019-14687",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Password Manager",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2019 (5.0)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service\u0027s process. This process is very similar, yet not identical to CVE-2019-14684."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DLL Hijacking"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://medium.com/@infiniti_css/fa839acaad59",
              "refsource": "MISC",
              "url": "https://medium.com/@infiniti_css/fa839acaad59"
            },
            {
              "name": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx",
              "refsource": "CONFIRM",
              "url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2019-14687",
    "datePublished": "2019-08-20T13:30:51",
    "dateReserved": "2019-08-05T00:00:00",
    "dateUpdated": "2024-08-05T00:26:37.484Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:password_manager:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08C4873A-CEE3-4401-8406-B0E0E7C8A0AB\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service\u0027s process. This process is very similar, yet not identical to CVE-2019-14684.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de secuestro de DLL en Trend Micro Password Manager 5.0 en el que, si se explota, permitir\\u00eda a un atacante cargar una DLL arbitraria sin firmar en el proceso del servicio firmado. Este proceso es muy similar, pero no id\\u00e9ntico al CVE-2019-14684.\"}]",
      "id": "CVE-2019-14687",
      "lastModified": "2024-11-21T04:27:08.467",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2019-08-20T14:15:11.127",
      "references": "[{\"url\": \"https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://medium.com/%40infiniti_css/fa839acaad59\", \"source\": \"security@trendmicro.com\"}, {\"url\": \"https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://medium.com/%40infiniti_css/fa839acaad59\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@trendmicro.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-427\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-14687\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2019-08-20T14:15:11.127\",\"lastModified\":\"2024-11-21T04:27:08.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service\u0027s process. This process is very similar, yet not identical to CVE-2019-14684.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de secuestro de DLL en Trend Micro Password Manager 5.0 en el que, si se explota, permitir\u00eda a un atacante cargar una DLL arbitraria sin firmar en el proceso del servicio firmado. Este proceso es muy similar, pero no id\u00e9ntico al CVE-2019-14684.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:password_manager:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C4873A-CEE3-4401-8406-B0E0E7C8A0AB\"}]}]}],\"references\":[{\"url\":\"https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://medium.com/%40infiniti_css/fa839acaad59\",\"source\":\"security@trendmicro.com\"},{\"url\":\"https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://medium.com/%40infiniti_css/fa839acaad59\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.