VAR-201703-0719
Vulnerability from variot - Updated: 2023-12-18 13:14Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. Multiple Trend Micro products are prone to a local code-injection vulnerability. A local attacker can exploit this issue to execute arbitrary code in the context of the system running the affected application; this can also result in the attacker gaining complete control of the affected application. Trend Micro Internet Security 11.0 and prior. Trend Micro Antivirus+ Security 11.0 and prior
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0719",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "maximum security",
"scope": "eq",
"trust": 1.1,
"vendor": "trend micro",
"version": "11.0"
},
{
"model": "internet security",
"scope": "eq",
"trust": 1.1,
"vendor": "trend micro",
"version": "11.0"
},
{
"model": "antivirus\\+",
"scope": "lte",
"trust": 1.0,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "premium security",
"scope": "lte",
"trust": 1.0,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "internet security",
"scope": "lte",
"trust": 1.0,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "maximum security",
"scope": "lte",
"trust": 1.0,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "11.0"
},
{
"model": "premium security",
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.6,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.6,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "antivirus\\+",
"scope": "eq",
"trust": 0.6,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "premium security",
"scope": "eq",
"trust": 0.6,
"vendor": "trendmicro",
"version": "11.1.1005"
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0.1265"
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "8.0.2063"
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "8.0"
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0.1186"
},
{
"model": "maximum security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0.1265"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "8.0"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0.1186"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "10.0"
},
{
"model": "antivirus+ security",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "11.0"
}
],
"sources": [
{
"db": "BID",
"id": "97031"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:trendmicro:premium_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.1.1005",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:maximum_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.1.1005",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:antivirus\\+:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.1.1005",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.1.1005",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5565"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michael Engstler",
"sources": [
{
"db": "BID",
"id": "97031"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5565",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-5565",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5565",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5565",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-938",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a \"DoubleAgent\" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. Multiple Trend Micro products are prone to a local code-injection vulnerability. \nA local attacker can exploit this issue to execute arbitrary code in the context of the system running the affected application; this can also result in the attacker gaining complete control of the affected application. \nTrend Micro Internet Security 11.0 and prior. \nTrend Micro Antivirus+ Security 11.0 and prior",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "BID",
"id": "97031"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5565",
"trust": 2.7
},
{
"db": "BID",
"id": "97031",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1038206",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "97031"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"id": "VAR-201703-0719",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.12407407
},
"last_update_date": "2023-12-18T13:14:24.074000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SECURITY BULLETIN: Trend Micro Products and the DoubleAgent Security Issue",
"trust": 0.8,
"url": "https://success.trendmicro.com/solution/1116957"
},
{
"title": "Trend Micro Maximum Security , Internet Security And Antivirus+ Security Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68668"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-427",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/97031"
},
{
"trust": 1.9,
"url": "http://cybellum.com/doubleagentzero-day-code-injection-and-persistence-technique/"
},
{
"trust": 1.6,
"url": "http://cybellum.com/doubleagent-taking-full-control-antivirus/"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1038206"
},
{
"trust": 1.6,
"url": "https://success.trendmicro.com/solution/1116957"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5565"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5565"
},
{
"trust": 0.3,
"url": "http://www.trend.com"
}
],
"sources": [
{
"db": "BID",
"id": "97031"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "97031"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-21T00:00:00",
"db": "BID",
"id": "97031"
},
{
"date": "2017-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"date": "2017-03-21T16:59:00.287000",
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"date": "2017-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-29T00:01:00",
"db": "BID",
"id": "97031"
},
{
"date": "2017-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002759"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-5565"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "97031"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Trend Micro Vulnerabilities related to authorization, authority, and access control in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002759"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-938"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…