CVE-2019-18190

CRITICAL

Trend Micro Security 2020 16.0-<16.0.1227 - Null Pointer Dereference

Title source: llm

Description

Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer dereference errors result in the crash of application, which could potentially lead to possible unsigned code execution under certain circumstances.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124031.aspx

Scores

CVSS v3 9.8

EPSS 0.0073

EPSS Percentile 73.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-476

Status published

Products (4)

trendmicro/antivirus\+_security_2020 16.0 - 16.0.1227

trendmicro/internet_security_2020 16.0 - 16.0.1227

trendmicro/maximum_security_2020 16.0 - 16.0.1227

trendmicro/premium_security_2020 16.0 - 16.0.1227

Published Dec 09, 2019

Tracked Since Feb 18, 2026