JVNVU#99160193
Trend Micro anti-rootkit driver improperly validates inputs
Overview
Trend Micro anti-rootkit driver, which is used in various Trend Micro products, is vulnerable to improper input validation.
Products Affected
Trend Micro products containing the anti-rootkit driver.
Please refer to the list of affected products provided by Trend Micro.
Description
Trend Micro anti-rootkit driver, which is used in various Trend Micro products, is vulnerable to improper input validation (CWE-1285).
Impact
When an administrative-privilege user exploits this vulnerability, the system may be crashed or an arbitrary code may be executed in kernel mode.
Solution
Update the software
Update to the latest version or apply the appropriate patches to the affected products based on the information provided by the developer.
Apply Workaround
Do not assign administrative-privilege to untrusted users.
Vendor Status
| Vendor | Link |
| Trend Micro Incorporated | Security Bulletin: Input Validation Vulnerability in Trend Micro Rootkit Driver (Multiple Products) |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
Credit
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2020-8607 |
| JVN iPedia |
|