CVE-2018-10513

HIGH

Trend Micro Security <2018 - Privilege Escalation

Title source: llm

Description

A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.

References (2)

[Vendor Advisory] https://esupport.trendmicro.com/en-US/home/pages/technical-support/1120742.aspx

[Third Party Advisory, VDB Entry] https://www.zerodayinitiative.com/advisories/ZDI-18-961/

Scores

CVSS v3 7.8

EPSS 0.0006

EPSS Percentile 18.2%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-502

Status published

Affected Products (4)

trendmicro/antivirus_\+_security < 12.0

trendmicro/internet_security < 12.0

trendmicro/maximum_security < 12.0

trendmicro/premium_security < 12.0

Timeline

Published Aug 30, 2018

Tracked Since Feb 18, 2026