cvelistv5 - cve-2024-23940

CVE-2024-23940 (GCVE-0-2024-23940)

Vulnerability from cvelistv5

Published

2024-01-29 18:22

Modified

2025-05-29 15:08

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL

Tags

security@trendmicro.com	https://helpcenter.trendmicro.com/en-us/article/tmka-12134	Vendor Advisory
security@trendmicro.com	https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132	Vendor Advisory
security@trendmicro.com	https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://helpcenter.trendmicro.com/en-us/article/tmka-12134	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1	Exploit, Technical Description, Third Party Advisory

Impacted products

	Vendor	Product	Version
	Trend Micro, Inc.	Trend Micro Security (Consumer) uiAirSupport	Version: 2023 (6.0) ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:13:08.534Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-23940",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-09T23:55:53.792732Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-427",
                "description": "CWE-427 Uncontrolled Search Path Element",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-29T15:08:39.946Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Security (Consumer) uiAirSupport",
          "vendor": "Trend Micro, Inc.",
          "versions": [
            {
              "lessThan": "6.0.2093",
              "status": "affected",
              "version": "2023 (6.0)",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-29T18:22:34.819Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
        },
        {
          "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
        },
        {
          "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2024-23940",
    "datePublished": "2024-01-29T18:22:34.819Z",
    "dateReserved": "2024-01-24T01:09:06.034Z",
    "dateUpdated": "2025-05-29T15:08:39.946Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-23940\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2024-01-29T19:15:08.887\",\"lastModified\":\"2025-05-29T15:15:31.403\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system.\"},{\"lang\":\"es\",\"value\":\"Trend Micro uiAirSupport, incluido en la familia de productos de consumo Trend Micro Security 2023, versi\u00f3n 6.0.2092 y anteriores, es vulnerable a una vulnerabilidad de secuestro/proxy de DLL que, si se explota, podr\u00eda permitir a un atacante hacerse pasar por una librer\u00eda y modificarla para ejecutar c\u00f3digo en el sistema y, en \u00faltima instancia, escalar privilegios en un sistema afectado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:air_support:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.2103\",\"matchCriteriaId\":\"71C8D540-28F7-4DEC-8126-C51469277DB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:antivirus_\\\\+_security:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.2103\",\"matchCriteriaId\":\"1F1C4167-F289-4215-A96F-24303D201442\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:internet_security:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.2103\",\"matchCriteriaId\":\"B3A9AD3B-56F3-4D9E-841D-274E5B31AFD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:maximum_security:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.2103\",\"matchCriteriaId\":\"1FD0AABD-3118-4B89-A9F6-61CEFAA1099B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:premium_security:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.2103\",\"matchCriteriaId\":\"314702FF-25AD-44BE-B984-4E57FE5A02D6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://helpcenter.trendmicro.com/en-us/article/tmka-12134\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://helpcenter.trendmicro.com/en-us/article/tmka-12134\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://helpcenter.trendmicro.com/en-us/article/tmka-12134\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T23:13:08.534Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-23940\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-09T23:55:53.792732Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-427\", \"description\": \"CWE-427 Uncontrolled Search Path Element\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-09T23:55:55.892Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Trend Micro, Inc.\", \"product\": \"Trend Micro Security (Consumer) uiAirSupport\", \"versions\": [{\"status\": \"affected\", \"version\": \"2023 (6.0)\", \"lessThan\": \"6.0.2093\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://helpcenter.trendmicro.com/en-us/article/tmka-12134\"}, {\"url\": \"https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132\"}, {\"url\": \"https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system.\"}], \"providerMetadata\": {\"orgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"shortName\": \"trendmicro\", \"dateUpdated\": \"2024-01-29T18:22:34.819Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-23940\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-29T15:08:39.946Z\", \"dateReserved\": \"2024-01-24T01:09:06.034Z\", \"assignerOrgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"datePublished\": \"2024-01-29T18:22:34.819Z\", \"assignerShortName\": \"trendmicro\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ghsa-9fpx-vc83-vhpf

Vulnerability from github

Published

2024-01-29 21:30

Modified

2024-02-06 21:30

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-23940"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-427"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-29T19:15:08Z",
    "severity": "HIGH"
  },
  "details": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system.",
  "id": "GHSA-9fpx-vc83-vhpf",
  "modified": "2024-02-06T21:30:24Z",
  "published": "2024-01-29T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23940"
    },
    {
      "type": "WEB",
      "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
    },
    {
      "type": "WEB",
      "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2024-23940

Vulnerability from fkie_nvd

Published

2024-01-29 19:15

Modified

2025-05-29 15:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@trendmicro.com	https://helpcenter.trendmicro.com/en-us/article/tmka-12134	Vendor Advisory
security@trendmicro.com	https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132	Vendor Advisory
security@trendmicro.com	https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://helpcenter.trendmicro.com/en-us/article/tmka-12134	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1	Exploit, Technical Description, Third Party Advisory

Impacted products

Vendor	Product	Version
trendmicro	air_support	*
trendmicro	antivirus_\+_security	*
trendmicro	internet_security	*
trendmicro	maximum_security	*
trendmicro	premium_security	*
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:air_support:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71C8D540-28F7-4DEC-8126-C51469277DB2",
              "versionEndExcluding": "6.0.2103",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:antivirus_\\+_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F1C4167-F289-4215-A96F-24303D201442",
              "versionEndExcluding": "6.0.2103",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:internet_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A9AD3B-56F3-4D9E-841D-274E5B31AFD6",
              "versionEndExcluding": "6.0.2103",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:maximum_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FD0AABD-3118-4B89-A9F6-61CEFAA1099B",
              "versionEndExcluding": "6.0.2103",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:premium_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "314702FF-25AD-44BE-B984-4E57FE5A02D6",
              "versionEndExcluding": "6.0.2103",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system."
    },
    {
      "lang": "es",
      "value": "Trend Micro uiAirSupport, incluido en la familia de productos de consumo Trend Micro Security 2023, versi\u00f3n 6.0.2092 y anteriores, es vulnerable a una vulnerabilidad de secuestro/proxy de DLL que, si se explota, podr\u00eda permitir a un atacante hacerse pasar por una librer\u00eda y modificarla para ejecutar c\u00f3digo en el sistema y, en \u00faltima instancia, escalar privilegios en un sistema afectado."
    }
  ],
  "id": "CVE-2024-23940",
  "lastModified": "2025-05-29T15:15:31.403",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-01-29T19:15:08.887",
  "references": [
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
    },
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
    },
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
    }
  ],
  "sourceIdentifier": "security@trendmicro.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

cve-2024-23940

Vulnerability from jvndb

Published

2024-02-06 14:46

Modified

2024-03-11 17:42

Severity ?

7.8 (High) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Incorrect permission assignment vulnerability in Trend Micro uiAirSupport

Details

Trend Micro Incorporated has released a security update for Trend Micro uiAirSupport. Proof-of-concept code (PoC) for this vulnerability is available on the Internet. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

References

Type

URL

	JVN	https://jvn.jp/en/vu/JVNVU99844997/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-23940
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-23940
	Related document	https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1
	Uncontrolled Search Path Element(CWE-427)	https://cwe.mitre.org/data/definitions/427.html

Impacted products

Vendor

Product

	Trend Micro, Inc.	Antivirus + Security
	Trend Micro, Inc.	Internet Security
	Trend Micro, Inc.	Trend Micro Maximum Security
	Trend Micro, Inc.	Trend Micro Premium Security

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-001785.html",
  "dc:date": "2024-03-11T17:42+09:00",
  "dcterms:issued": "2024-02-06T14:46+09:00",
  "dcterms:modified": "2024-03-11T17:42+09:00",
  "description": "Trend Micro Incorporated has released a security update for Trend Micro uiAirSupport.\r\n\r\nProof-of-concept code (PoC) for this vulnerability is available on the Internet.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-001785.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:antivirus_%2B_security",
      "@product": "Antivirus + Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:internet_security",
      "@product": "Internet Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:maximum_security",
      "@product": "Trend Micro Maximum Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:premium_security",
      "@product": "Trend Micro Premium Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2024-001785",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU99844997/index.html",
      "@id": "JVNVU#99844997",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-23940",
      "@id": "CVE-2024-23940",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2024-23940",
      "@id": "CVE-2024-23940",
      "@source": "NVD"
    },
    {
      "#text": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1",
      "@id": "AV - When a Friend Becomes an Enemy - (CVE-2024-23940)",
      "@source": "Related document"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/427.html",
      "@id": "CWE-427",
      "@title": "Uncontrolled Search Path Element(CWE-427)"
    }
  ],
  "title": "Incorrect permission assignment vulnerability in Trend Micro uiAirSupport"
}

wid-sec-w-2024-0237

Vulnerability from csaf_certbund

Published

2024-01-29 23:00

Modified

2024-01-29 23:00

Summary

Trend Micro Internet Security: Schwachstelle ermöglicht Privilegieneskalation

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Trend Micro Internet Security ist eine Firewall und Antivirus Lösung. Trend Micro Maximum Security ist eine Desktop Security Suite.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in Trend Micro Internet Security und Trend Micro Maximum Security ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Trend Micro Internet Security ist eine Firewall und Antivirus L\u00f6sung.\r\nTrend Micro Maximum Security ist eine Desktop Security Suite.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in Trend Micro Internet Security und Trend Micro Maximum Security ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0237 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0237.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0237 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0237"
      },
      {
        "category": "external",
        "summary": "GitHub Advisory Database vom 2024-01-29",
        "url": "https://github.com/advisories/GHSA-9fpx-vc83-vhpf"
      },
      {
        "category": "external",
        "summary": "TrendMicro Security Bulletin vom 2024-01-29",
        "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
      }
    ],
    "source_lang": "en-US",
    "title": "Trend Micro Internet Security: Schwachstelle erm\u00f6glicht Privilegieneskalation",
    "tracking": {
      "current_release_date": "2024-01-29T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:04:36.608+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0237",
      "initial_release_date": "2024-01-29T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-01-29T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Trend Micro Internet Security \u003c 6.0.2103",
            "product": {
              "name": "Trend Micro Internet Security \u003c 6.0.2103",
              "product_id": "T032398",
              "product_identification_helper": {
                "cpe": "cpe:/a:trendmicro:internet_security:6.0.2103"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Trend Micro Maximum Security \u003c 6.0.2103",
            "product": {
              "name": "Trend Micro Maximum Security \u003c 6.0.2103",
              "product_id": "T032399",
              "product_identification_helper": {
                "cpe": "cpe:/a:trendmicro:maximum_security:6.0.2103"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Trend Micro"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23940",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Trend Micro Internet Security und Trend Micro Maximum Security. Diese ist auf eine Anf\u00e4lligkeit f\u00fcr DLL-Hijacking zur\u00fcckzuf\u00fchren, durch welche Programmcode ausgef\u00fchrt werden kann, um eine Privilegieneskalation herbeizuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern."
        }
      ],
      "release_date": "2024-01-29T23:00:00.000+00:00",
      "title": "CVE-2024-23940"
    }
  ]
}

WID-SEC-W-2024-0237

Vulnerability from csaf_certbund

Published

2024-01-29 23:00

Modified

2024-01-29 23:00

Summary

Trend Micro Internet Security: Schwachstelle ermöglicht Privilegieneskalation

Notes

Produktbeschreibung

Trend Micro Internet Security ist eine Firewall und Antivirus Lösung. Trend Micro Maximum Security ist eine Desktop Security Suite.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in Trend Micro Internet Security und Trend Micro Maximum Security ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Trend Micro Internet Security ist eine Firewall und Antivirus L\u00f6sung.\r\nTrend Micro Maximum Security ist eine Desktop Security Suite.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in Trend Micro Internet Security und Trend Micro Maximum Security ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0237 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0237.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0237 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0237"
      },
      {
        "category": "external",
        "summary": "GitHub Advisory Database vom 2024-01-29",
        "url": "https://github.com/advisories/GHSA-9fpx-vc83-vhpf"
      },
      {
        "category": "external",
        "summary": "TrendMicro Security Bulletin vom 2024-01-29",
        "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
      }
    ],
    "source_lang": "en-US",
    "title": "Trend Micro Internet Security: Schwachstelle erm\u00f6glicht Privilegieneskalation",
    "tracking": {
      "current_release_date": "2024-01-29T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:04:36.608+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0237",
      "initial_release_date": "2024-01-29T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-01-29T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Trend Micro Internet Security \u003c 6.0.2103",
            "product": {
              "name": "Trend Micro Internet Security \u003c 6.0.2103",
              "product_id": "T032398",
              "product_identification_helper": {
                "cpe": "cpe:/a:trendmicro:internet_security:6.0.2103"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Trend Micro Maximum Security \u003c 6.0.2103",
            "product": {
              "name": "Trend Micro Maximum Security \u003c 6.0.2103",
              "product_id": "T032399",
              "product_identification_helper": {
                "cpe": "cpe:/a:trendmicro:maximum_security:6.0.2103"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Trend Micro"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23940",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Trend Micro Internet Security und Trend Micro Maximum Security. Diese ist auf eine Anf\u00e4lligkeit f\u00fcr DLL-Hijacking zur\u00fcckzuf\u00fchren, durch welche Programmcode ausgef\u00fchrt werden kann, um eine Privilegieneskalation herbeizuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern."
        }
      ],
      "release_date": "2024-01-29T23:00:00.000+00:00",
      "title": "CVE-2024-23940"
    }
  ]
}

var-202401-1620

Vulnerability from variot

Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system. From Trend Micro Inc. Air An update has been released for support. The proof-of-concept code ( PoC ) are published on the Internet. This vulnerability information is provided by the developer for the purpose of disseminating the information to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.A user under a standard user account may be able to escalate privileges and execute arbitrary programs

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202401-1620",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "antivirus \\+ security",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "6.0.2103"
      },
      {
        "model": "premium security",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "6.0.2103"
      },
      {
        "model": "maximum security",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "6.0.2103"
      },
      {
        "model": "air support",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "6.0.2103"
      },
      {
        "model": "internet security",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "6.0.2103"
      },
      {
        "model": "air \u30b5\u30dd\u30fc\u30c8",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed",
        "version": null
      },
      {
        "model": "air \u30b5\u30dd\u30fc\u30c8",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed",
        "version": "air  support    6.0.2092  and earlier"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "cve": "CVE-2024-23940",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2024-23940",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2024-23940",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2024-23940",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2024-23940",
            "trust": 0.8,
            "value": "High"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system. From Trend Micro Inc. Air An update has been released for support. The proof-of-concept code ( PoC ) are published on the Internet. This vulnerability information is provided by the developer for the purpose of disseminating the information to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.A user under a standard user account may be able to escalate privileges and execute arbitrary programs",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "VULMON",
        "id": "CVE-2024-23940"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2024-23940",
        "trust": 2.7
      },
      {
        "db": "JVN",
        "id": "JVNVU99844997",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785",
        "trust": 0.8
      },
      {
        "db": "VULMON",
        "id": "CVE-2024-23940",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2024-23940"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "id": "VAR-202401-1620",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.09586056
  },
  "last_update_date": "2024-08-14T14:01:23.063000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Alert / Advisory: Air About support vulnerabilities (CVE-2024-23940)",
        "trust": 0.8,
        "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-427",
        "trust": 1.0
      },
      {
        "problemtype": "Uncontrolled search path elements (CWE-427) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
      },
      {
        "trust": 1.1,
        "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
      },
      {
        "trust": 1.1,
        "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu99844997/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2024-23940"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2024-23940"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2024-23940"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-01-29T00:00:00",
        "db": "VULMON",
        "id": "CVE-2024-23940"
      },
      {
        "date": "2024-02-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "date": "2024-01-29T19:15:08.887000",
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-01-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2024-23940"
      },
      {
        "date": "2024-03-11T08:42:00",
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      },
      {
        "date": "2024-02-06T19:19:33.920000",
        "db": "NVD",
        "id": "CVE-2024-23940"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Made by Trend Micro \u00a0Air\u00a0 Support Improper Permission Assignment Vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2024-001785"
      }
    ],
    "trust": 0.8
  }
}

gsd-2024-23940

Vulnerability from gsd

Modified

2024-01-24 06:02

Details

Aliases

CVE-2024-23940

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-23940"
      ],
      "details": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system.",
      "id": "GSD-2024-23940",
      "modified": "2024-01-24T06:02:24.996584Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@trendmicro.com",
        "ID": "CVE-2024-23940",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Trend Micro Security (Consumer) uiAirSupport",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "2023 (6.0)",
                          "version_value": "6.0.2093"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Trend Micro, Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134",
            "refsource": "MISC",
            "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
          },
          {
            "name": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132",
            "refsource": "MISC",
            "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
          },
          {
            "name": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1",
            "refsource": "MISC",
            "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:trendmicro:air_support:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "71C8D540-28F7-4DEC-8126-C51469277DB2",
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:trendmicro:antivirus_\\+_security:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "1F1C4167-F289-4215-A96F-24303D201442",
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:trendmicro:internet_security:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B3A9AD3B-56F3-4D9E-841D-274E5B31AFD6",
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:trendmicro:maximum_security:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "1FD0AABD-3118-4B89-A9F6-61CEFAA1099B",
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:trendmicro:premium_security:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "314702FF-25AD-44BE-B984-4E57FE5A02D6",
                    "versionEndExcluding": "6.0.2103",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system."
          },
          {
            "lang": "es",
            "value": "Trend Micro uiAirSupport, incluido en la familia de productos de consumo Trend Micro Security 2023, versi\u00f3n 6.0.2092 y anteriores, es vulnerable a una vulnerabilidad de secuestro/proxy de DLL que, si se explota, podr\u00eda permitir a un atacante hacerse pasar por una librer\u00eda y modificarla para ejecutar c\u00f3digo en el sistema y, en \u00faltima instancia, escalar privilegios en un sistema afectado."
          }
        ],
        "id": "CVE-2024-23940",
        "lastModified": "2024-02-06T19:19:33.920",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2024-01-29T19:15:08.887",
        "references": [
          {
            "source": "security@trendmicro.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-12134"
          },
          {
            "source": "security@trendmicro.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://helpcenter.trendmicro.com/ja-jp/article/tmka-12132"
          },
          {
            "source": "security@trendmicro.com",
            "tags": [
              "Exploit",
              "Technical Description",
              "Third Party Advisory"
            ],
            "url": "https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1"
          }
        ],
        "sourceIdentifier": "security@trendmicro.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-427"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-23940 (GCVE-0-2024-23940)

Vulnerability from cvelistv5

ghsa-9fpx-vc83-vhpf

Vulnerability from github

fkie_cve-2024-23940

Vulnerability from fkie_nvd

cve-2024-23940

Vulnerability from jvndb

wid-sec-w-2024-0237

Vulnerability from csaf_certbund

WID-SEC-W-2024-0237

Vulnerability from csaf_certbund

var-202401-1620

Vulnerability from variot

gsd-2024-23940

Vulnerability from gsd

Tags

Sightings

Nomenclature