1. Home
  2. CVE Database
  3. CVE-2019-20357
HIGH · 7.8

CVE-2019-20357

A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to c...

Vulnerability Description

A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
TrendmicroAntivirus \+ Security 201915.0
TrendmicroAntivirus \+ Security 202016.0
TrendmicroInternet Security 201915.0
TrendmicroInternet Security 202016.0
TrendmicroMaximum Security 201915.0
TrendmicroMaximum Security 202016.0
TrendmicroPremium Security 201915.0
TrendmicroPremium Security 202016.0
MicrosoftWindows-

Related Weaknesses (CWE)

CWE-428

References

FAQ

What is CVE-2019-20357?

CVE-2019-20357 is a vulnerability with a CVSS score of 7.8 (HIGH). A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to c...

How severe is CVE-2019-20357?

CVE-2019-20357 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-20357?

Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Antivirus \+ Security 2019, Trendmicro Antivirus \+ Security 2020, Trendmicro Internet Security 2019, Trendmicro Internet Security 2020, Trendmicro Maximum Security 2019.