6

CVE-2020-25778

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a specific kernel extension where an attacker could supply a kernel pointer and leak several bytes of memory. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TrendmicroAntivirus Version2019 SwPlatformmacos
TrendmicroAntivirus Version2020 SwPlatformmacos
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.61% 0.447
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6 1.5 4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE-209 Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

https://helpcenter.trendmicro.com/en-us/article/TMKA-09948
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-1241/
Third Party Advisory
VDB Entry