Vulnerability in Microsoft Windows
CVE-2019-14686
A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to lo…
EPSS: 0.012 (64.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Microsoft Windows
- Trend Micro Ransom Buster, Security (Consumer) — versions Ransom Buster 1.0, Trend Micro Security 2019 (v15.0)
- Trendmicro Antivirus_\+_security_2019 — versions 15.0
- Trendmicro Internet_security_2019 — versions 15.0
- Trendmicro Maximum_security_2019 — versions 15.0
- Trendmicro Premium_security_2019 — versions 15.0
- Trendmicro Ransom_buster — versions 1.0
Weakness classification (CWE)
References
- security@trendmicro.com (x_refsource_CONFIRM, Vendor Advisory)
Frequently asked questions
- What is CVE-2019-14686?
- CVE-2019-14686 is a high-severity vulnerability in Microsoft Windows, classified under Uncontrolled Search Path Element. CVSS score: 7.8/10. Published 2019-08-21.
- How severe is CVE-2019-14686?
- High severity. CVSS v3 base score is 7.8 out of 10.