CVE-2022-48191

Published: Jan 18, 2023

Modified: Apr 3, 2025

PUBLISHED

Description

A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing a escalation of privileges on an affected system.

Vendor	Product	Versions
Trend Micro, Inc.	Trend Micro Maxium Security (Consumer)	affected `2022 (17.7) - < 17.7`

References

https://helpcenter.trendmicro.com/en-us/article/tmka-11252

https://www.zerodayinitiative.com/advisories/ZDI-23-053/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-48191

Description

Affected Products

References