ID

VAR-202208-2362


CVE

CVE-2022-37348


TITLE

Trend Micro antivirus   Multiple vulnerabilities in the cloud

Trust: 0.8

sources: JVNDB: JVNDB-2023-001291

DESCRIPTION

Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-37347. Virus Buster from Trend Micro Inc. An update for the cloud has been released. This vulnerability information is provided by the developer for the purpose of dissemination to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.The potential impact will vary for each vulnerability, but you may be impacted by: Please refer to the respective advisory provided by the developer for details. Cloud version 17.7 It was * Arbitrary file deletion due to link interpretation problem when accessing file in data erasure tool - CVE-2022-30687 It was * Privilege escalation due to link interpretation problems when accessing files - CVE-2022-34893 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348 It was * Time-of-check Time-of-use (( TOCTOU ) Privilege escalation due to race condition vulnerability - CVE-2022-48191 virus buster Cloud version 17.0 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the User Mode Hooking Monitor Engine. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM

Trust: 2.25

sources: NVD: CVE-2022-37348 // JVNDB: JVNDB-2023-001291 // ZDI: ZDI-22-1177

AFFECTED PRODUCTS

vendor:trendmicromodel:securityscope:lteversion:17.7.1383

Trust: 1.0

vendor:トレンドマイクロmodel:ウイルスバスター クラウドscope:eqversion:virus buster cloud 17.7

Trust: 0.8

vendor:トレンドマイクロmodel:ウイルスバスター クラウドscope:eqversion: -

Trust: 0.8

vendor:トレンドマイクロmodel:ウイルスバスター クラウドscope:eqversion:virus buster cloud 17.0

Trust: 0.8

vendor:trend micromodel:maximum securityscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-22-1177 // JVNDB: JVNDB-2023-001291 // NVD: CVE-2022-37348

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-37348
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-37348
value: HIGH

Trust: 0.8

ZDI: CVE-2022-37348
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-202209-1509
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-37348
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-37348
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2022-37348
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 1.8
impactScore: 2.5
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-1177 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202209-1509 // NVD: CVE-2022-37348

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.0

problemtype:Link interpretation problem (CWE-59) [NVD evaluation ]

Trust: 0.8

problemtype: Out-of-bounds read (CWE-125) [NVD evaluation ]

Trust: 0.8

problemtype:Time-of-check Time-of-use (TOCTOU) Race condition (CWE-367) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-001291 // NVD: CVE-2022-37348

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202209-1509

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202209-1509

PATCH

title:Alert / Advisory: Antivirus   About cloud vulnerabilities (CVE-2022-35234/CVE-2022-37347/CVE-2022-37348) Trend Microurl:https://helpcenter.trendmicro.com/ja-jp/article/tmka-11014

Trust: 0.8

title:Trend Micro has issued an update to correct this vulnerability.url:https://helpcenter.trendmicro.com/en-us/article/tmka-11058

Trust: 0.7

title:Trend Micro Security (Consumer) Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=208775

Trust: 0.6

sources: ZDI: ZDI-22-1177 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202209-1509

EXTERNAL IDS

db:NVDid:CVE-2022-37348

Trust: 3.9

db:ZDIid:ZDI-22-1177

Trust: 2.3

db:JVNid:JVNVU96882769

Trust: 0.8

db:JVNDBid:JVNDB-2023-001291

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-16606

Trust: 0.7

db:CNNVDid:CNNVD-202209-1509

Trust: 0.6

sources: ZDI: ZDI-22-1177 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202209-1509 // NVD: CVE-2022-37348

REFERENCES

url:https://helpcenter.trendmicro.com/en-us/article/tmka-11058

Trust: 2.3

url:https://www.zerodayinitiative.com/advisories/zdi-22-1177/

Trust: 1.6

url:http://jvn.jp/vu/jvnvu96882769/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-30687

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-34893

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-35234

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-37347

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-37348

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-48191

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-37348/

Trust: 0.6

sources: ZDI: ZDI-22-1177 // JVNDB: JVNDB-2023-001291 // CNNVD: CNNVD-202209-1509 // NVD: CVE-2022-37348

CREDITS

Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative

Trust: 0.7

sources: ZDI: ZDI-22-1177

SOURCES

db:ZDIid:ZDI-22-1177
db:JVNDBid:JVNDB-2023-001291
db:CNNVDid:CNNVD-202209-1509
db:NVDid:CVE-2022-37348

LAST UPDATE DATE

2024-08-14T14:10:35.355000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-1177date:2022-08-31T00:00:00
db:JVNDBid:JVNDB-2023-001291date:2024-06-13T07:30:00
db:CNNVDid:CNNVD-202209-1509date:2022-09-23T00:00:00
db:NVDid:CVE-2022-37348date:2022-09-22T15:01:32.527

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-1177date:2022-08-31T00:00:00
db:JVNDBid:JVNDB-2023-001291date:2023-03-02T00:00:00
db:CNNVDid:CNNVD-202209-1509date:2022-09-19T00:00:00
db:NVDid:CVE-2022-37348date:2022-09-19T18:15:09.807