CVE-2018-3608

CRITICAL

Trend Micro Antivirus+ Security < 12.0.1191 - Code Injection via User-Mode Hooking Driver

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-3608. PoCs published by gguaiker.

AI-analyzed exploit summary This repository contains only a README file with a reference to CVE-2018-3608 and an image link, providing no functional exploit code or technical details. It appears to be a placeholder or documentation without actionable PoC.

Description

A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes.

Exploits (1)

nomisec WRITEUP 2 stars
by gguaiker · poc
https://github.com/gguaiker/Trend_Micro_POC

This repository contains only a README file with a reference to CVE-2018-3608 and an image link, providing no functional exploit code or technical details. It appears to be a placeholder or documentation without actionable PoC.

Classification
Writeup 30%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: Trend Micro (version unspecified)
No auth needed
Prerequisites: none
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.0340
EPSS Percentile 87.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-94
Status published
Products (8)
trendmicro/antivirus_\+_security < 12.0.1191
trendmicro/internet_security < 12.0.1191
trendmicro/maximum_security < 12.0.1191
trendmicro/officescan 11.0
trendmicro/officescan 12.0
trendmicro/officescan_monthly 11.0
trendmicro/officescan_monthly 12.0
trendmicro/premium_security < 12.0.1191
Published Jul 06, 2018
Tracked Since Feb 18, 2026