CVE-2019-19694 — MEDIUM (4.7)

Q: How severe is CVE-2019-19694?

CVE-2019-19694 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-19694?

Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Antivirus \+ Security 2019, Trendmicro Internet Security 2019, Trendmicro Maximum Security 2019, Trendmicro Officescan Cloud, Trendmicro Premium Security 2019.

Vulnerability Description

The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or the entire product completely..

CVSS Score

4.7

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Trendmicro	Antivirus \+ Security 2019	<= 15.0.0.1163
Trendmicro	Internet Security 2019	<= 15.0.0.1163
Trendmicro	Maximum Security 2019	<= 15.0.0.1163
Trendmicro	Officescan Cloud	15
Trendmicro	Premium Security 2019	<= 15.0.0.1163
Microsoft	Windows	-

References

https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124056.aspxVendor Advisory
https://esupport.trendmicro.com/support/vb/solution/ja-jp/1124058.aspxVendor Advisory
https://jvn.jp/en/jp/JVN02921757/Third Party Advisory
https://jvn.jp/jp/JVN02921757/Third Party Advisory
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124056.aspxVendor Advisory
https://esupport.trendmicro.com/support/vb/solution/ja-jp/1124058.aspxVendor Advisory
https://jvn.jp/en/jp/JVN02921757/Third Party Advisory
https://jvn.jp/jp/JVN02921757/Third Party Advisory

FAQ

What is CVE-2019-19694?

CVE-2019-19694 is a vulnerability with a CVSS score of 4.7 (MEDIUM). The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain ...

How severe is CVE-2019-19694?

CVE-2019-19694 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-19694?

Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Antivirus \+ Security 2019, Trendmicro Internet Security 2019, Trendmicro Maximum Security 2019, Trendmicro Officescan Cloud, Trendmicro Premium Security 2019.