Back to search
CVE-2018-10359
Published: Jun 8, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
| Vendor | Product | Versions |
|---|---|---|
Trend Micro | Trend Micro OfficeScan | affected 11.0 SP1, XG |
References
https://success.trendmicro.com/solution/1119961
x_refsource_CONFIRM
https://www.zerodayinitiative.com/advisories/ZDI-18-564/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now