VAR-202205-1103
Vulnerability from variot - Updated: 2024-06-14 23:07Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary files. Virus Buster from Trend Micro Inc. An update for the cloud has been released. This vulnerability information is provided by the developer for the purpose of dissemination to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.The potential impact will vary for each vulnerability, but you may be impacted by: Please refer to the respective advisory provided by the developer for details. Cloud version 17.7 It was * Arbitrary file deletion due to link interpretation problem when accessing file in data erasure tool - CVE-2022-30687 It was * Privilege escalation due to link interpretation problems when accessing files - CVE-2022-34893 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348 It was * Time-of-check Time-of-use (( TOCTOU ) Privilege escalation due to race condition vulnerability - CVE-2022-48191 virus buster Cloud version 17.0 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the implementation of the Secure Erase feature. The issue results from the lack of proper validation of a user-supplied link prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-1103",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "maximum security 2022",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "17.7"
},
{
"model": "\u30a6\u30a4\u30eb\u30b9\u30d0\u30b9\u30bf\u30fc \u30af\u30e9\u30a6\u30c9",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed",
"version": "virus buster cloud 17.7"
},
{
"model": "\u30a6\u30a4\u30eb\u30b9\u30d0\u30b9\u30bf\u30fc \u30af\u30e9\u30a6\u30c9",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed",
"version": null
},
{
"model": "\u30a6\u30a4\u30eb\u30b9\u30d0\u30b9\u30bf\u30fc \u30af\u30e9\u30a6\u30c9",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed",
"version": "virus buster cloud 17.0"
},
{
"model": "maximum security",
"scope": null,
"trust": 0.7,
"vendor": "trend micro",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-789"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-001291"
},
{
"db": "NVD",
"id": "CVE-2022-30687"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:trendmicro:maximum_security_2022:17.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-30687"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Amir Ahmadi (@KingAmir )",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-789"
}
],
"trust": 0.7
},
"cve": "CVE-2022-30687",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-30687",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2022-30687",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-30687",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2022-30687",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-3322",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-789"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-001291"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3322"
},
{
"db": "NVD",
"id": "CVE-2022-30687"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product\u0027s secure erase feature to delete arbitrary files. Virus Buster from Trend Micro Inc. An update for the cloud has been released. This vulnerability information is provided by the developer for the purpose of dissemination to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.The potential impact will vary for each vulnerability, but you may be impacted by: Please refer to the respective advisory provided by the developer for details. Cloud version 17.7 It was * Arbitrary file deletion due to link interpretation problem when accessing file in data erasure tool - CVE-2022-30687 It was * Privilege escalation due to link interpretation problems when accessing files - CVE-2022-34893 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348 It was * Time-of-check Time-of-use (( TOCTOU ) Privilege escalation due to race condition vulnerability - CVE-2022-48191 virus buster Cloud version 17.0 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the implementation of the Secure Erase feature. The issue results from the lack of proper validation of a user-supplied link prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-30687"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-001291"
},
{
"db": "ZDI",
"id": "ZDI-22-789"
},
{
"db": "VULMON",
"id": "CVE-2022-30687"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-30687",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-22-789",
"trust": 2.4
},
{
"db": "JVN",
"id": "JVNVU96882769",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2023-001291",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15739",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2022051301",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3322",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-30687",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-789"
},
{
"db": "VULMON",
"id": "CVE-2022-30687"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-001291"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3322"
},
{
"db": "NVD",
"id": "CVE-2022-30687"
}
]
},
"id": "VAR-202205-1103",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.12407407
},
"last_update_date": "2024-06-14T23:07:50.848000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Alert / Advisory: Antivirus \u00a0 About cloud vulnerabilities (CVE-2022-35234/CVE-2022-37347/CVE-2022-37348) Trend Micro",
"trust": 0.8,
"url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-11014"
},
{
"title": "Trend Micro has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://helpcenter.trendmicro.com/en-us/article/tmka-11017"
},
{
"title": "Trend Micro Maximum Security Post-link vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=195340"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-789"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-001291"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3322"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-59",
"trust": 1.0
},
{
"problemtype": "Link interpretation problem (CWE-59) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "Time-of-check Time-of-use (TOCTOU) Race condition (CWE-367) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-001291"
},
{
"db": "NVD",
"id": "CVE-2022-30687"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpcenter.trendmicro.com/en-us/article/tmka-11017"
},
{
"trust": 1.7,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-789/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96882769/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30687"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-34893"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-35234"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-37347"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-37348"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-48191"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-30687/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051301"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-789"
},
{
"db": "VULMON",
"id": "CVE-2022-30687"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-001291"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3322"
},
{
"db": "NVD",
"id": "CVE-2022-30687"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-789"
},
{
"db": "VULMON",
"id": "CVE-2022-30687"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-001291"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3322"
},
{
"db": "NVD",
"id": "CVE-2022-30687"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-26T00:00:00",
"db": "ZDI",
"id": "ZDI-22-789"
},
{
"date": "2022-05-27T00:00:00",
"db": "VULMON",
"id": "CVE-2022-30687"
},
{
"date": "2023-03-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-001291"
},
{
"date": "2022-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3322"
},
{
"date": "2022-05-27T00:15:08.333000",
"db": "NVD",
"id": "CVE-2022-30687"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-26T00:00:00",
"db": "ZDI",
"id": "ZDI-22-789"
},
{
"date": "2022-06-02T00:00:00",
"db": "VULMON",
"id": "CVE-2022-30687"
},
{
"date": "2024-06-13T07:30:00",
"db": "JVNDB",
"id": "JVNDB-2023-001291"
},
{
"date": "2022-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3322"
},
{
"date": "2022-06-08T16:18:31.877000",
"db": "NVD",
"id": "CVE-2022-30687"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3322"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Trend Micro antivirus \u00a0 Multiple vulnerabilities in the cloud",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-001291"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "post link",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3322"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…