CVE-2020-27697 (GCVE-0-2020-27697)

Vulnerability from cvelistv5 – Published: 2020-11-18 18:45 – Updated: 2024-08-04 16:18
VLAI?
Summary
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product.
Severity ?
No CVSS data available.
CWE
  • Local Privilege Escalation
Assigner
References
Impacted products
Vendor Product Version
Trend Micro Trend Micro Security (Consumer) Affected: 2020 (v16)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.678Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10036"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Security (Consumer)",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2020 (v16)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Local Privilege Escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-18T18:45:38",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10036"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2020-27697",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Security (Consumer)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2020 (v16)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Local Privilege Escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10036",
              "refsource": "MISC",
              "url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10036"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2020-27697",
    "datePublished": "2020-11-18T18:45:38",
    "dateReserved": "2020-10-26T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:antivirus\\\\+_security_2020:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"16.0\", \"matchCriteriaId\": \"C00561E3-418B-4FCD-B1F4-E2ABBB283D82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:internet_security_2020:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"16.0\", \"matchCriteriaId\": \"9D2DD545-14EE-4244-9941-DE9423BAEFE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:maximum_security_2020:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"16.0\", \"matchCriteriaId\": \"9DD354AF-05D4-434F-9195-D4029AC65001\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:premium_security_2020:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"16.0\", \"matchCriteriaId\": \"9B92B18B-6DF1-4924-804C-96ABCBEFBE65\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product.\"}, {\"lang\": \"es\", \"value\": \"Trend Micro Security 2020 (Consumer), contiene una vulnerabilidad en el paquete de instalaci\\u00f3n que podr\\u00eda ser explotada al colocar una DLL maliciosa en una ubicaci\\u00f3n no protegida con altos privilegios (ataque de tipo symlink) que puede conllevar a una obtenci\\u00f3n de privilegios administrativos durante la instalaci\\u00f3n del producto\"}]",
      "id": "CVE-2020-27697",
      "lastModified": "2024-11-21T05:21:40.507",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2020-11-18T19:15:11.460",
      "references": "[{\"url\": \"https://helpcenter.trendmicro.com/en-us/article/TMKA-10036\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://helpcenter.trendmicro.com/en-us/article/TMKA-10036\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@trendmicro.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-59\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-27697\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2020-11-18T19:15:11.460\",\"lastModified\":\"2024-11-21T05:21:40.507\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product.\"},{\"lang\":\"es\",\"value\":\"Trend Micro Security 2020 (Consumer), contiene una vulnerabilidad en el paquete de instalaci\u00f3n que podr\u00eda ser explotada al colocar una DLL maliciosa en una ubicaci\u00f3n no protegida con altos privilegios (ataque de tipo symlink) que puede conllevar a una obtenci\u00f3n de privilegios administrativos durante la instalaci\u00f3n del producto\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-59\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:antivirus\\\\+_security_2020:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"16.0\",\"matchCriteriaId\":\"C00561E3-418B-4FCD-B1F4-E2ABBB283D82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:internet_security_2020:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"16.0\",\"matchCriteriaId\":\"9D2DD545-14EE-4244-9941-DE9423BAEFE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:maximum_security_2020:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"16.0\",\"matchCriteriaId\":\"9DD354AF-05D4-434F-9195-D4029AC65001\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:premium_security_2020:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"16.0\",\"matchCriteriaId\":\"9B92B18B-6DF1-4924-804C-96ABCBEFBE65\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://helpcenter.trendmicro.com/en-us/article/TMKA-10036\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://helpcenter.trendmicro.com/en-us/article/TMKA-10036\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.