CVE-2020-27697
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-27697
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Trend Micro Security 2020 后置链接漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Trend Micro Micro Security 2020是美国趋势科技(Trend Micro)公司的一套计算机安全防护软件。 Trend Micro Security 2020 (Consumer) 存在后置链接漏洞,攻击者可以通过将一个恶意DLL放置在一个不受保护的位置和高特权(符号链接攻击)来利用,这可以导致在安装产品期间获得管理特权。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Trend Micro | Trend Micro Security (Consumer) | 2020 (v16) | - |
II. Public POCs for CVE-2020-27697
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-27697
请登录查看更多情报信息。
- https://helpcenter.trendmicro.com/en-us/article/TMKA-10036x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2020-27697
Same Patch Batch · Trend Micro · 2020-11-18 · 9 CVEs total
| CVE-2020-27695 | Trend Micro Security 2020 代码问题漏洞 | |
| CVE-2020-27696 | Trend Micro Security 2020 安全漏洞 | |
| CVE-2020-28572 | Trend Micro Apex One 安全漏洞 | |
| CVE-2020-28574 | Trend Micro Worry-Free Business Security 路径遍历漏洞 | |
| CVE-2020-28578 | Trend Micro InterScan Web Security Virtual Appliance 缓冲区错误漏洞 | |
| CVE-2020-28579 | Trend Micro InterScan Web Security Virtual Appliance 缓冲区错误漏洞 | |
| CVE-2020-28580 | Trend Micro InterScan Web Security Virtual Appliance 操作系统命令注入漏洞 | |
| CVE-2020-28581 | Trend Micro InterScan Web Security Virtual Appliance 操作系统命令注入漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2020-27697
No comments yet