CVE-2020-27015

EPSS 0.11%
Published 30.10.2020 00:15:12
Last modified 21.11.2024 05:20:40
Source security@trendmicro.com
Teams watchlist Login
Open Login

Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Trendmicro ≫ Antivirus Version2020 SwPlatformmacos

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.268

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.4	0.8	3.6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

CWE-209 Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

https://helpcenter.trendmicro.com/en-us/article/TMKA-09975

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-20-1286/

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2020-27015

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-27015

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-27015

EUVD