Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-27883: ZDI-22-546

A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation.

Please note that an attacker must at least have low-level privileges on the system to attempt to exploit this vulnerability.

CVE
Open in Source
#vulnerability#mac

April 1st, 2022

Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability****ZDI-22-546
ZDI-CAN-14816

CVE ID

CVE-2022-27883

CVSS SCORE

7.8, (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

AFFECTED VENDORS

Trend Micro

AFFECTED PRODUCTS

Antivirus for Mac

VULNERABILITY DETAILS

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the libTmUtil dylib. By creating a symbolic link, an attacker can abuse the product to loosen permissions on a local file. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root.

ADDITIONAL DETAILS

Trend Micro has issued an update to correct this vulnerability. More details can be found at:
https://helpcenter.trendmicro.com/en-us/article/tmka-10978

DISCLOSURE TIMELINE

  • 2021-10-15 - Vulnerability reported to vendor
  • 2022-04-01 - Coordinated public release of advisory

CREDIT

Cees Elzinga

BACK TO ADVISORIES

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE