CVE-2019-14688: CVE-2019-14688

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-14688

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款Trend Micro产品代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Trend Micro Security 2019等都是美国趋势科技（Trend Micro）公司的产品。Trend Micro Security 2019是一套计算机安全防护软件。Trend Micro OfficeScan是一套分布式反病毒软件。Trend Micro IM Security是一套即时消息传递安全防护解决方案。多款Trend Micro产品中的安装程序存在代码问题漏洞。攻击者可通过诱使用户下载恶意的DLL文件并将其放置在特定位置利用该漏洞在系统上执行任意代码。以下产品及版本受到影响：

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Trend Micro	Trend Micro IM Security (IMS), Trend Micro Control Manager (TMCM), Trend Micro OfficeScan (OSCE), Trend Micro Endpoint Sensor (TMES), Trend Micro Security (Consumer), Trend Micro ScanMail for Microsoft Exchange (SMEX), Trend Micro ServerProtect (SP), Tren	IMS 1.6.5, TMCM 7.0, OSCE XG, TMES 1.6, Trend Micro Security 2019, SMEX 14.0, SPNT 5.8/6.0, TMMS Enterprise 9.8	-

II. Public POCs for CVE-2019-14688

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2019-14688

Please Login to view more intelligence information

https://success.trendmicro.com/solution/1123562x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2019-14688

New Vulnerabilities

Vendor: Trend Micro

V. Comments for CVE-2019-14688

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2019-14688

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2019-14688

III. Intelligence Information for CVE-2019-14688

New Vulnerabilities

V. Comments for CVE-2019-14688

Leave a comment