Search criteria
4 vulnerabilities found for Trend Micro Antivirus One by Trend Micro, Inc.
CVE-2024-45335 (GCVE-0-2024-45335)
Vulnerability from nvd – Published: 2024-10-22 18:27 – Updated: 2025-03-13 15:02
VLAI
Summary
Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection.
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1037 - Processor Optimization Removal or Modification of Security-critical Code
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Antivirus One |
Affected:
3.10.4 , < 3.10.6
(semver)
|
|
| trend_micro_inc | antivirus_one |
Affected:
3.10.4 , < 3.10.6
(semver)
cpe:2.3:a:trend_micro_inc:antivirus_one:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trend_micro_inc:antivirus_one:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "antivirus_one",
"vendor": "trend_micro_inc",
"versions": [
{
"lessThan": "3.10.6",
"status": "affected",
"version": "3.10.4",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45335",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T19:15:57.089569Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1037",
"description": "CWE-1037 Processor Optimization Removal or Modification of Security-critical Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T15:02:04.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Antivirus One",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "3.10.6",
"status": "affected",
"version": "3.10.4",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T18:27:58.171Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://helpcenter.trendmicro.com/en-us/article/tmka-07255"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2024-45335",
"datePublished": "2024-10-22T18:27:58.171Z",
"dateReserved": "2024-08-27T16:15:25.077Z",
"dateUpdated": "2025-03-13T15:02:04.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45334 (GCVE-0-2024-45334)
Vulnerability from nvd – Published: 2024-10-22 18:27 – Updated: 2025-03-13 16:20
VLAI
Summary
Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Antivirus One |
Affected:
3.10.4 , < 3.10.6
(semver)
|
|
| trend_micro_inc | antivirus_one |
Affected:
3.10.4 , < 3.10.6
(semver)
cpe:2.3:a:trend_micro_inc:antivirus_one:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trend_micro_inc:antivirus_one:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "antivirus_one",
"vendor": "trend_micro_inc",
"versions": [
{
"lessThan": "3.10.6",
"status": "affected",
"version": "3.10.4",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45334",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T19:19:54.729415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T16:20:53.780Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Antivirus One",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "3.10.6",
"status": "affected",
"version": "3.10.4",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T18:27:10.686Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-14461"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2024-45334",
"datePublished": "2024-10-22T18:27:10.686Z",
"dateReserved": "2024-08-27T16:15:25.077Z",
"dateUpdated": "2025-03-13T16:20:53.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45335 (GCVE-0-2024-45335)
Vulnerability from cvelistv5 – Published: 2024-10-22 18:27 – Updated: 2025-03-13 15:02
VLAI
Summary
Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection.
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1037 - Processor Optimization Removal or Modification of Security-critical Code
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Antivirus One |
Affected:
3.10.4 , < 3.10.6
(semver)
|
|
| trend_micro_inc | antivirus_one |
Affected:
3.10.4 , < 3.10.6
(semver)
cpe:2.3:a:trend_micro_inc:antivirus_one:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trend_micro_inc:antivirus_one:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "antivirus_one",
"vendor": "trend_micro_inc",
"versions": [
{
"lessThan": "3.10.6",
"status": "affected",
"version": "3.10.4",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45335",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T19:15:57.089569Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1037",
"description": "CWE-1037 Processor Optimization Removal or Modification of Security-critical Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T15:02:04.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Antivirus One",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "3.10.6",
"status": "affected",
"version": "3.10.4",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T18:27:58.171Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://helpcenter.trendmicro.com/en-us/article/tmka-07255"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2024-45335",
"datePublished": "2024-10-22T18:27:58.171Z",
"dateReserved": "2024-08-27T16:15:25.077Z",
"dateUpdated": "2025-03-13T15:02:04.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45334 (GCVE-0-2024-45334)
Vulnerability from cvelistv5 – Published: 2024-10-22 18:27 – Updated: 2025-03-13 16:20
VLAI
Summary
Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Antivirus One |
Affected:
3.10.4 , < 3.10.6
(semver)
|
|
| trend_micro_inc | antivirus_one |
Affected:
3.10.4 , < 3.10.6
(semver)
cpe:2.3:a:trend_micro_inc:antivirus_one:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trend_micro_inc:antivirus_one:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "antivirus_one",
"vendor": "trend_micro_inc",
"versions": [
{
"lessThan": "3.10.6",
"status": "affected",
"version": "3.10.4",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45334",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T19:19:54.729415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T16:20:53.780Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Antivirus One",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "3.10.6",
"status": "affected",
"version": "3.10.4",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T18:27:10.686Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-14461"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2024-45334",
"datePublished": "2024-10-22T18:27:10.686Z",
"dateReserved": "2024-08-27T16:15:25.077Z",
"dateUpdated": "2025-03-13T16:20:53.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}