JVNDB-2022-001372

[Japanese]
JVNDB-2022-001372
Trend Micro Antivirus for MAC vulnerable to privilege escalation
Overview
Trend Micro Incorporated has released a security update for Trend Micro Antivirus for MAC. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.
CVSS Severity (What is CVSS?)

Affected Products

Trend Micro, Inc. Trend Micro Antivirus for MAC Versions 11.0.2150 and earlier

Impact
A user who can log in to the system where the affected product is installed may obtain the administrative privilege. As a result, arbitrary program may be executed on the system. For more information, refer to the information provided by the developer.
Solution
[Update the software] Update the software to the latest version according to the information provided by the developer.
Vendor Information
Trend Micro, Inc. Trend Micro Incorporated : Security Bulletin: Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability
CWE (What is CWE?)

CVE (What is CVE?)
CVE-2022-24671
References
JVN : JVNVU#95075478
Revision History
[2022/02/18] Web page was published

Trend Micro Antivirus for MAC vulnerable to privilege escalation