cvelistv5 - CVE-2024-23940

CVE-2024-23940

Vulnerability from cvelistv5

Published

2024-01-29 18:22

Modified

2024-08-01 23:13

Severity ?

Summary

References

URL	Tags
security@trendmicro.com	https://helpcenter.trendmicro.com/en-us/article/tmka-12134	Vendor Advisory
security@trendmicro.com	https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132	Vendor Advisory
security@trendmicro.com	https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1	Exploit, Technical Description, Third Party Advisory

Impacted products

▼	Vendor	Product
	Trend Micro, Inc.	Trend Micro Security (Consumer) uiAirSupport

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:13:08.534Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Security (Consumer) uiAirSupport",
          "vendor": "Trend Micro, Inc.",
          "versions": [
            {
              "lessThan": "6.0.2093",
              "status": "affected",
              "version": "2023 (6.0)",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-29T18:22:34.819Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
        },
        {
          "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
        },
        {
          "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2024-23940",
    "datePublished": "2024-01-29T18:22:34.819Z",
    "dateReserved": "2024-01-24T01:09:06.034Z",
    "dateUpdated": "2024-08-01T23:13:08.534Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-23940\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2024-01-29T19:15:08.887\",\"lastModified\":\"2024-02-06T19:19:33.920\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system.\"},{\"lang\":\"es\",\"value\":\"Trend Micro uiAirSupport, incluido en la familia de productos de consumo Trend Micro Security 2023, versi\u00f3n 6.0.2092 y anteriores, es vulnerable a una vulnerabilidad de secuestro/proxy de DLL que, si se explota, podr\u00eda permitir a un atacante hacerse pasar por una librer\u00eda y modificarla para ejecutar c\u00f3digo en el sistema y, en \u00faltima instancia, escalar privilegios en un sistema afectado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:air_support:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.2103\",\"matchCriteriaId\":\"71C8D540-28F7-4DEC-8126-C51469277DB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:antivirus_\\\\+_security:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.2103\",\"matchCriteriaId\":\"1F1C4167-F289-4215-A96F-24303D201442\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:internet_security:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.2103\",\"matchCriteriaId\":\"B3A9AD3B-56F3-4D9E-841D-274E5B31AFD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:maximum_security:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.2103\",\"matchCriteriaId\":\"1FD0AABD-3118-4B89-A9F6-61CEFAA1099B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:premium_security:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.2103\",\"matchCriteriaId\":\"314702FF-25AD-44BE-B984-4E57FE5A02D6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://helpcenter.trendmicro.com/en-us/article/tmka-12134\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]}]}}"
  }
}

CVE-2024-23940

Vulnerability from jvndb

Published

2024-02-06 14:46

Modified

2024-03-11 17:42

Severity ?

7.8 (High) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Incorrect permission assignment vulnerability in Trend Micro uiAirSupport

Details

Trend Micro Incorporated has released a security update for Trend Micro uiAirSupport. Proof-of-concept code (PoC) for this vulnerability is available on the Internet. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

References

▼	Type	URL
	JVN	https://jvn.jp/en/vu/JVNVU99844997/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-23940
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-23940
	Related document	https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1
	Uncontrolled Search Path Element(CWE-427)	https://cwe.mitre.org/data/definitions/427.html

Impacted products

▼	Vendor	Product
	Trend Micro, Inc.	Antivirus + Security
	Trend Micro, Inc.	Internet Security
	Trend Micro, Inc.	Trend Micro Maximum Security
	Trend Micro, Inc.	Trend Micro Premium Security

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-001785.html",
  "dc:date": "2024-03-11T17:42+09:00",
  "dcterms:issued": "2024-02-06T14:46+09:00",
  "dcterms:modified": "2024-03-11T17:42+09:00",
  "description": "Trend Micro Incorporated has released a security update for Trend Micro uiAirSupport.\r\n\r\nProof-of-concept code (PoC) for this vulnerability is available on the Internet.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-001785.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:antivirus_%2B_security",
      "@product": "Antivirus + Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:internet_security",
      "@product": "Internet Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:maximum_security",
      "@product": "Trend Micro Maximum Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:premium_security",
      "@product": "Trend Micro Premium Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2024-001785",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU99844997/index.html",
      "@id": "JVNVU#99844997",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-23940",
      "@id": "CVE-2024-23940",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2024-23940",
      "@id": "CVE-2024-23940",
      "@source": "NVD"
    },
    {
      "#text": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1",
      "@id": "AV - When a Friend Becomes an Enemy - (CVE-2024-23940)",
      "@source": "Related document"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/427.html",
      "@id": "CWE-427",
      "@title": "Uncontrolled Search Path Element(CWE-427)"
    }
  ],
  "title": "Incorrect permission assignment vulnerability in Trend Micro uiAirSupport"
}

ghsa-9fpx-vc83-vhpf

Vulnerability from github

Published

2024-01-29 21:30

Modified

2024-02-06 21:30

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-23940"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-427"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-29T19:15:08Z",
    "severity": "HIGH"
  },
  "details": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system.",
  "id": "GHSA-9fpx-vc83-vhpf",
  "modified": "2024-02-06T21:30:24Z",
  "published": "2024-01-29T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23940"
    },
    {
      "type": "WEB",
      "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
    },
    {
      "type": "WEB",
      "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

var-202401-1620

Vulnerability from variot

Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system. From Trend Micro Inc. Air An update has been released for support. The proof-of-concept code ( PoC ) are published on the Internet. This vulnerability information is provided by the developer for the purpose of disseminating the information to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.A user under a standard user account may be able to escalate privileges and execute arbitrary programs

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202401-1620",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "maximum security",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "6.0.2103"
      },
      {
        "model": "antivirus \\+ security",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "6.0.2103"
      },
      {
        "model": "premium security",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "6.0.2103"
      },
      {
        "model": "internet security",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "6.0.2103"
      },
      {
        "model": "air support",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "6.0.2103"
      },
      {
        "model": "air \u30b5\u30dd\u30fc\u30c8",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed",
        "version": null
      },
      {
        "model": "air \u30b5\u30dd\u30fc\u30c8",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed",
        "version": "air  support    6.0.2092  and earlier"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:air_support:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:antivirus_\\+_security:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:internet_security:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:maximum_security:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:premium_security:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "cve": "CVE-2024-23940",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2024-23940",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2024-23940",
            "trust": 1.8,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system. From Trend Micro Inc. Air An update has been released for support. The proof-of-concept code ( PoC ) are published on the Internet. This vulnerability information is provided by the developer for the purpose of disseminating the information to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.A user under a standard user account may be able to escalate privileges and execute arbitrary programs",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "VULMON",
        "id": "CVE-2024-23940"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2024-23940",
        "trust": 2.7
      },
      {
        "db": "JVN",
        "id": "JVNVU99844997",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785",
        "trust": 0.8
      },
      {
        "db": "VULMON",
        "id": "CVE-2024-23940",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2024-23940"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "id": "VAR-202401-1620",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.12407407
  },
  "last_update_date": "2024-03-18T22:30:08.735000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Alert / Advisory: Air About support vulnerabilities (CVE-2024-23940)",
        "trust": 0.8,
        "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-427",
        "trust": 1.0
      },
      {
        "problemtype": "Uncontrolled search path elements (CWE-427) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
      },
      {
        "trust": 1.1,
        "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
      },
      {
        "trust": 1.1,
        "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu99844997/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2024-23940"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2024-23940"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2024-23940"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-01-29T00:00:00",
        "db": "VULMON",
        "id": "CVE-2024-23940"
      },
      {
        "date": "2024-02-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "date": "2024-01-29T19:15:08.887000",
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-01-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2024-23940"
      },
      {
        "date": "2024-03-11T08:42:00",
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "date": "2024-02-06T19:19:33.920000",
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Made by Trend Micro \u00a0Air\u00a0 Support Improper Permission Assignment Vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      }
    ],
    "trust": 0.8
  }
}

wid-sec-w-2024-0237

Vulnerability from csaf_certbund

Published

2024-01-29 23:00

Modified

2024-01-29 23:00

Summary

Trend Micro Internet Security: Schwachstelle ermöglicht Privilegieneskalation

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Trend Micro Internet Security ist eine Firewall und Antivirus Lösung. Trend Micro Maximum Security ist eine Desktop Security Suite.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in Trend Micro Internet Security und Trend Micro Maximum Security ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Trend Micro Internet Security ist eine Firewall und Antivirus L\u00f6sung.\r\nTrend Micro Maximum Security ist eine Desktop Security Suite.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in Trend Micro Internet Security und Trend Micro Maximum Security ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0237 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0237.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0237 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0237"
      },
      {
        "category": "external",
        "summary": "GitHub Advisory Database vom 2024-01-29",
        "url": "https://github.com/advisories/GHSA-9fpx-vc83-vhpf"
      },
      {
        "category": "external",
        "summary": "TrendMicro Security Bulletin vom 2024-01-29",
        "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
      }
    ],
    "source_lang": "en-US",
    "title": "Trend Micro Internet Security: Schwachstelle erm\u00f6glicht Privilegieneskalation",
    "tracking": {
      "current_release_date": "2024-01-29T23:00:00.000+00:00",
      "generator": {
        "date": "2024-02-15T17:58:30.021+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2024-0237",
      "initial_release_date": "2024-01-29T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-01-29T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Trend Micro Internet Security \u003c 6.0.2103",
            "product": {
              "name": "Trend Micro Internet Security \u003c 6.0.2103",
              "product_id": "T032398",
              "product_identification_helper": {
                "cpe": "cpe:/a:trendmicro:internet_security:6.0.2103"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Trend Micro Maximum Security \u003c 6.0.2103",
            "product": {
              "name": "Trend Micro Maximum Security \u003c 6.0.2103",
              "product_id": "T032399",
              "product_identification_helper": {
                "cpe": "cpe:/a:trendmicro:maximum_security:6.0.2103"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Trend Micro"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23940",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Trend Micro Internet Security und Trend Micro Maximum Security. Diese ist auf eine Anf\u00e4lligkeit f\u00fcr DLL-Hijacking zur\u00fcckzuf\u00fchren, durch welche Programmcode ausgef\u00fchrt werden kann, um eine Privilegieneskalation herbeizuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern."
        }
      ],
      "release_date": "2024-01-29T23:00:00Z",
      "title": "CVE-2024-23940"
    }
  ]
}

gsd-2024-23940

Vulnerability from gsd

Modified

2024-01-24 06:02

Details

Aliases

CVE-2024-23940

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-23940"
      ],
      "details": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system.",
      "id": "GSD-2024-23940",
      "modified": "2024-01-24T06:02:24.996584Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@trendmicro.com",
        "ID": "CVE-2024-23940",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Trend Micro Security (Consumer) uiAirSupport",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "2023 (6.0)",
                          "version_value": "6.0.2093"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Trend Micro, Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134",
            "refsource": "MISC",
            "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
          },
          {
            "name": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132",
            "refsource": "MISC",
            "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
          },
          {
            "name": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1",
            "refsource": "MISC",
            "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:trendmicro:air_support:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "71C8D540-28F7-4DEC-8126-C51469277DB2",
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:trendmicro:antivirus_\\+_security:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "1F1C4167-F289-4215-A96F-24303D201442",
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:trendmicro:internet_security:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B3A9AD3B-56F3-4D9E-841D-274E5B31AFD6",
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:trendmicro:maximum_security:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "1FD0AABD-3118-4B89-A9F6-61CEFAA1099B",
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:trendmicro:premium_security:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "314702FF-25AD-44BE-B984-4E57FE5A02D6",
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system."
          },
          {
            "lang": "es",
            "value": "Trend Micro uiAirSupport, incluido en la familia de productos de consumo Trend Micro Security 2023, versi\u00f3n 6.0.2092 y anteriores, es vulnerable a una vulnerabilidad de secuestro/proxy de DLL que, si se explota, podr\u00eda permitir a un atacante hacerse pasar por una librer\u00eda y modificarla para ejecutar c\u00f3digo en el sistema y, en \u00faltima instancia, escalar privilegios en un sistema afectado."
          }
        ],
        "id": "CVE-2024-23940",
        "lastModified": "2024-02-06T19:19:33.920",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2024-01-29T19:15:08.887",
        "references": [
          {
            "source": "security@trendmicro.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
          },
          {
            "source": "security@trendmicro.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
          },
          {
            "source": "security@trendmicro.com",
            "tags": [
              "Exploit",
              "Technical Description",
              "Third Party Advisory"
            ],
            "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
          }
        ],
        "sourceIdentifier": "security@trendmicro.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-427"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-23940

Vulnerability from cvelistv5

CVE-2024-23940

Vulnerability from jvndb

ghsa-9fpx-vc83-vhpf

Vulnerability from github

var-202401-1620

Vulnerability from variot

wid-sec-w-2024-0237

Vulnerability from csaf_certbund

gsd-2024-23940

Vulnerability from gsd

Tags

Sightings

Nomenclature