CVE-2022-26337

HIGH

Trend Micro Password Manager (Consumer) <5.0.0.1262 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine.

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://helpcenter.trendmicro.com/en-us/article/tmka-10954

Scores

CVSS v3 7.8
EPSS 0.0023
EPSS Percentile 45.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-427
Status published
Products (1)
trendmicro/password_manager < 5.0.0.1266
Published Mar 08, 2022
Tracked Since Feb 18, 2026