Details of VAR-202207-0546

ID

VAR-202207-0546

CVE

CVE-2022-35234

TITLE

Trend Micro antivirus Multiple vulnerabilities in the cloud

Trust: 0.8

sources: JVNDB: JVNDB-2023-001291

DESCRIPTION

Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. Virus Buster from Trend Micro Inc. An update for the cloud has been released. This vulnerability information is provided by the developer for the purpose of dissemination to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.The potential impact will vary for each vulnerability, but you may be impacted by: Please refer to the respective advisory provided by the developer for details. Cloud version 17.7 It was * Arbitrary file deletion due to link interpretation problem when accessing file in data erasure tool - CVE-2022-30687 It was * Privilege escalation due to link interpretation problems when accessing files - CVE-2022-34893 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348 It was * Time-of-check Time-of-use (( TOCTOU ) Privilege escalation due to race condition vulnerability - CVE-2022-48191 virus buster Cloud version 17.0 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the User Mode Hooking Monitor Engine. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM

Trust: 2.34

sources: NVD: CVE-2022-35234 // JVNDB: JVNDB-2023-001291 // ZDI: ZDI-22-962 // VULMON: CVE-2022-35234

AFFECTED PRODUCTS

vendor:	trendmicro	model:	security	scope:	eq	version:	2022	Trust: 1.0
vendor:	trendmicro	model:	security	scope:	eq	version:	2021	Trust: 1.0
vendor:	トレンドマイクロ	model:	ウイルスバスタークラウド	scope:	eq	version:	virus buster cloud 17.7	Trust: 0.8
vendor:	トレンドマイクロ	model:	ウイルスバスタークラウド	scope:	eq	version:	-	Trust: 0.8
vendor:	トレンドマイクロ	model:	ウイルスバスタークラウド	scope:	eq	version:	virus buster cloud 17.0	Trust: 0.8
vendor:	trend micro	model:	maximum security	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-22-962 // JVNDB: JVNDB-2023-001291 // NVD: CVE-2022-35234

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-35234
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-35234
value:	HIGH
Trust: 0.8
ZDI:	CVE-2022-35234
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-202207-621
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-35234
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.2
version:	3.1
Trust: 1.0
NVD:	CVE-2022-35234
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2022-35234
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	1.8
impactScore:	2.5
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-22-962 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202207-621 // NVD: CVE-2022-35234

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.0
problemtype:	Link interpretation problem (CWE-59) [NVD evaluation ]	Trust: 0.8
problemtype:	Out-of-bounds read (CWE-125) [NVD evaluation ]	Trust: 0.8
problemtype:	Time-of-check Time-of-use (TOCTOU) Race condition (CWE-367) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-001291 // NVD: CVE-2022-35234

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-621

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202207-621

PATCH

title:	Alert / Advisory: Antivirus About cloud vulnerabilities (CVE-2022-35234/CVE-2022-37347/CVE-2022-37348) Trend Micro	url:	https://helpcenter.trendmicro.com/ja-jp/article/tmka-11014	Trust: 0.8
title:	Trend Micro has issued an update to correct this vulnerability.	url:	https://helpcenter.trendmicro.com/en-us/article/tmka-11058	Trust: 0.7
title:	Trend Micro Security Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=203728	Trust: 0.6

sources: ZDI: ZDI-22-962 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202207-621

EXTERNAL IDS

db:	NVD	id:	CVE-2022-35234	Trust: 4.0
db:	ZDI	id:	ZDI-22-962	Trust: 2.4
db:	JVN	id:	JVNVU96882769	Trust: 0.8
db:	JVNDB	id:	JVNDB-2023-001291	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-16650	Trust: 0.7
db:	CS-HELP	id:	SB2022070801	Trust: 0.6
db:	CNNVD	id:	CNNVD-202207-621	Trust: 0.6
db:	VULMON	id:	CVE-2022-35234	Trust: 0.1

sources: ZDI: ZDI-22-962 // VULMON: CVE-2022-35234 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202207-621 // NVD: CVE-2022-35234

REFERENCES

url:	https://helpcenter.trendmicro.com/en-us/article/tmka-11058	Trust: 2.4
url:	https://www.zerodayinitiative.com/advisories/zdi-22-962/	Trust: 1.7
url:	http://jvn.jp/vu/jvnvu96882769/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-30687	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-34893	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-35234	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-37347	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-37348	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-48191	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2022070801	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-35234/	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: ZDI: ZDI-22-962 // VULMON: CVE-2022-35234 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202207-621 // NVD: CVE-2022-35234

CREDITS

Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative

Trust: 0.7

sources: ZDI: ZDI-22-962

SOURCES

db:	ZDI	id:	ZDI-22-962
db:	VULMON	id:	CVE-2022-35234
db:	JVNDB	id:	JVNDB-2023-001291
db:	CNNVD	id:	CNNVD-202207-621
db:	NVD	id:	CVE-2022-35234

LAST UPDATE DATE

2024-08-14T14:10:35.298000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-22-962	date:	2022-07-11T00:00:00
db:	VULMON	id:	CVE-2022-35234	date:	2022-08-01T00:00:00
db:	JVNDB	id:	JVNDB-2023-001291	date:	2024-06-13T07:30:00
db:	CNNVD	id:	CNNVD-202207-621	date:	2022-08-10T00:00:00
db:	NVD	id:	CVE-2022-35234	date:	2022-08-05T12:17:56.560

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-22-962	date:	2022-07-11T00:00:00
db:	VULMON	id:	CVE-2022-35234	date:	2022-07-30T00:00:00
db:	JVNDB	id:	JVNDB-2023-001291	date:	2023-03-02T00:00:00
db:	CNNVD	id:	CNNVD-202207-621	date:	2022-07-08T00:00:00
db:	NVD	id:	CVE-2022-35234	date:	2022-07-30T00:15:08.693