Trend Micro Maximum Security 2018 Local Information Disclosure Vulnerability

Trend Micro Maximum Security 2018 Local Information Disclosure Vulnerability

CVE-2018-6234 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Learn more about our Web Application Penetration Testing UK.