CVE-2020-8607
MEDIUMTrend Micro Antivirus Toolkit < 1.62.1240 - Kernel Address Modification via Rootkit Protection Driver
Title source: llmDescription
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
References (4)
Core 4
Core References
Patch, Vendor Advisory x_refsource_misc
https://success.trendmicro.com/solution/000260713
Third Party Advisory x_refsource_misc
https://jvn.jp/vu/JVNVU99160193/
Third Party Advisory x_refsource_misc
https://jvn.jp/en/vu/JVNVU99160193/index.html
Vendor Advisory x_refsource_misc
https://success.trendmicro.com/jp/solution/000260748
Scores
CVSS v3
6.7
EPSS
0.0008
EPSS Percentile
23.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (22)
trendmicro/antivirus_toolkit
< 1.62.1240
trendmicro/apex_one
2019
trendmicro/apex_one
saas
trendmicro/deep_security
9.6
trendmicro/deep_security
10.0
trendmicro/deep_security
11.0
trendmicro/deep_security
12.0
trendmicro/officescan
xg sp1
trendmicro/officescan_business_security
9.0
trendmicro/officescan_business_security
9.5
... and 12 more
Published
Aug 05, 2020
Tracked Since
Feb 18, 2026