CVE-2018-6218
HIGHTrend Micro Deep Security - DLL Hijacking via User-Mode Hooking Module
Title source: llmDescription
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
https://success.trendmicro.com/solution/1119326
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103096
Third Party Advisory third-party-advisory
x_refsource_jvn
https://jvn.jp/jp/JVN28865183/
Vendor Advisory x_refsource_misc
https://success.trendmicro.com/jp/solution/1119348
Scores
CVSS v3
7.0
EPSS
0.0036
EPSS Percentile
58.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-426
Status
published
Products (7)
trendmicro/deep_security
10.0
trendmicro/deep_security
10.1
trendmicro/endpoint_sensor
1.6
trendmicro/officescan
11.0
trendmicro/officescan
12.0
trendmicro/security
12.0
trendmicro/worry-free_business_security
9.5 (2 CPE variants)
Published
Feb 16, 2018
Tracked Since
Feb 18, 2026