CVE number – CVE-2019-19697
Trend Micro Maximum Security is vulnerable to arbitrary code execution as it allows for creation of registry key to target a process running as SYSTEM.
This can allow a malware to gain elevated privileges to take over and shutdown services that require SYSTEM privileges like Trend Micros “Asmp”
service “coreServiceShell.exe” which does not allow Administrators to tamper with them.
This could allow an attacker or malware to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start.
Note :- administrator privileges are required to exploit this vulnerability.
Platform Microsoft Windows
Premium Security 2019 (v15)
Maximum Security 2019 (v15)
Internet Security 2019 (v15)
Antivirus + Security 2019 (v15)