Trend Micro Security 2019 (Consumer) Tampering Vulnerability [CVE-2019-19697]
CVE number – CVE-2019-19697
Trend Micro Maximum Security is vulnerable to arbitrary code execution as it allows for creation of registry key to target a process running as SYSTEM.
This can allow a malware to gain elevated privileges to take over and shutdown services that require SYSTEM privileges like Trend Micros “Asmp”
service “coreServiceShell.exe” which does not allow Administrators to tamper with them.
This could allow an attacker or malware to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start.
Note :- administrator privileges are required to exploit this vulnerability.
Affected versions
Platform Microsoft Windows
Premium Security 2019 (v15)
Maximum Security 2019 (v15)
Internet Security 2019 (v15)
Antivirus + Security 2019 (v15)
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.