Sign-up

ID

VAR-202205-1103


CVE

CVE-2022-30687


TITLE

Trend Micro antivirus   Multiple vulnerabilities in the cloud

Trust: 0.8

sources: JVNDB: JVNDB-2023-001291

DESCRIPTION

Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary files. Virus Buster from Trend Micro Inc. An update for the cloud has been released. This vulnerability information is provided by the developer for the purpose of dissemination to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.The potential impact will vary for each vulnerability, but you may be impacted by: Please refer to the respective advisory provided by the developer for details. Cloud version 17.7 It was * Arbitrary file deletion due to link interpretation problem when accessing file in data erasure tool - CVE-2022-30687 It was * Privilege escalation due to link interpretation problems when accessing files - CVE-2022-34893 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348 It was * Time-of-check Time-of-use (( TOCTOU ) Privilege escalation due to race condition vulnerability - CVE-2022-48191 virus buster Cloud version 17.0 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the implementation of the Secure Erase feature. The issue results from the lack of proper validation of a user-supplied link prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM

Trust: 2.34

sources: NVD: CVE-2022-30687 // JVNDB: JVNDB-2023-001291 // ZDI: ZDI-22-789 // VULMON: CVE-2022-30687

AFFECTED PRODUCTS

vendor:trendmicromodel:maximum security 2022scope:eqversion:17.7

Trust: 1.0

vendor:トレンドマイクロmodel:ウイルスバスター クラウドscope:eqversion:virus buster cloud 17.7

Trust: 0.8

vendor:トレンドマイクロmodel:ウイルスバスター クラウドscope:eqversion: -

Trust: 0.8

vendor:トレンドマイクロmodel:ウイルスバスター クラウドscope:eqversion:virus buster cloud 17.0

Trust: 0.8

vendor:trend micromodel:maximum securityscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-22-789 // JVNDB: JVNDB-2023-001291 // NVD: CVE-2022-30687

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-30687
value: HIGH

Trust: 1.0

NVD: CVE-2022-30687
value: HIGH

Trust: 0.8

ZDI: CVE-2022-30687
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-202205-3322
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-30687
severity: MEDIUM
baseScore: 6.6
vectorString: AV:L/AC:L/AU:N/C:N/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

nvd@nist.gov: CVE-2022-30687
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: CVE-2022-30687
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2022-30687
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 4.2
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-789 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202205-3322 // NVD: CVE-2022-30687

PROBLEMTYPE DATA

problemtype:CWE-59

Trust: 1.0

problemtype:Link interpretation problem (CWE-59) [NVD evaluation ]

Trust: 0.8

problemtype: Out-of-bounds read (CWE-125) [NVD evaluation ]

Trust: 0.8

problemtype:Time-of-check Time-of-use (TOCTOU) Race condition (CWE-367) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-001291 // NVD: CVE-2022-30687

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-3322

TYPE

post link

Trust: 0.6

sources: CNNVD: CNNVD-202205-3322

PATCH

title:Alert / Advisory: Antivirus   About cloud vulnerabilities (CVE-2022-35234/CVE-2022-37347/CVE-2022-37348) Trend Microurl:https://helpcenter.trendmicro.com/ja-jp/article/tmka-11014

Trust: 0.8

title:Trend Micro has issued an update to correct this vulnerability.url:https://helpcenter.trendmicro.com/en-us/article/tmka-11017

Trust: 0.7

title:Trend Micro Maximum Security Post-link vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=195340

Trust: 0.6

sources: ZDI: ZDI-22-789 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202205-3322

EXTERNAL IDS

db:NVDid:CVE-2022-30687

Trust: 4.0

db:ZDIid:ZDI-22-789

Trust: 2.4

db:JVNid:JVNVU96882769

Trust: 0.8

db:JVNDBid:JVNDB-2023-001291

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-15739

Trust: 0.7

db:CS-HELPid:SB2022051301

Trust: 0.6

db:CNNVDid:CNNVD-202205-3322

Trust: 0.6

db:VULMONid:CVE-2022-30687

Trust: 0.1

sources: ZDI: ZDI-22-789 // VULMON: CVE-2022-30687 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202205-3322 // NVD: CVE-2022-30687

REFERENCES

url:https://helpcenter.trendmicro.com/en-us/article/tmka-11017

Trust: 2.4

url:https://www.zerodayinitiative.com/advisories/zdi-22-789/

Trust: 1.7

url:http://jvn.jp/vu/jvnvu96882769/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-30687

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-34893

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-35234

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-37347

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-37348

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-48191

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-30687/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022051301

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: ZDI: ZDI-22-789 // VULMON: CVE-2022-30687 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202205-3322 // NVD: CVE-2022-30687

CREDITS

Amir Ahmadi (@KingAmir )

Trust: 0.7

sources: ZDI: ZDI-22-789

SOURCES

db:ZDIid:ZDI-22-789
db:VULMONid:CVE-2022-30687
db:JVNDBid:JVNDB-2023-001291
db:CNNVDid:CNNVD-202205-3322
db:NVDid:CVE-2022-30687

LAST UPDATE DATE

2024-08-14T14:10:35.440000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-789date:2022-05-26T00:00:00
db:VULMONid:CVE-2022-30687date:2022-06-02T00:00:00
db:JVNDBid:JVNDB-2023-001291date:2024-06-13T07:30:00
db:CNNVDid:CNNVD-202205-3322date:2022-06-09T00:00:00
db:NVDid:CVE-2022-30687date:2022-06-08T16:18:31.877

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-789date:2022-05-26T00:00:00
db:VULMONid:CVE-2022-30687date:2022-05-27T00:00:00
db:JVNDBid:JVNDB-2023-001291date:2023-03-02T00:00:00
db:CNNVDid:CNNVD-202205-3322date:2022-05-13T00:00:00
db:NVDid:CVE-2022-30687date:2022-05-27T00:15:08.333