Researchers have disclosed a set of security vulnerabilities in Autodesk, Trend Micro, and Kaspersky software.
On Monday, the SafeBreach Labs published three security advisories describing the bugs, all of which were privately reported to the vendors before public disclosure.
The first vulnerability, tracked as CVE-2019-15628, impacts Trend Micro Maximum Security version 16.0.1221 and below. One of the software’s components, the Trend Micro Solution Platform service, coreServiceShell.exe, runs as NT AUTHORITY\SYSTEM with high levels of permission, and it was this executable that the researchers targeted.
Once coreServiceShell.exe executes, a library – paCoreProductAdaptor.dll – is loaded. However, a missing DLL, lack of safe DLL loading and signed validation meant that attackers could exploit this security hole, loading unsigned DLLs as a result.
To read the complete article see: