← back
CVE-2019-9491

CVE-2019-9491

EPSS 12.9%
Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed.
Affected products
Trend Micro · Trend Micro Anti-Threat Toolkit (ATTK)
public PoCs found2
cve_referencepacketstormsecurity.com/files/156160/TrendMicro-Anti-Threat-Toolkit-Improper-Fix.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47527unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-%28ATTK%29-REMOTE-CODE-EXECUTION.txthttp://packetstormsecurity.com/files/156160/TrendMicro-Anti-Threat-Toolkit-Improper-Fix.htmlhttp://seclists.org/fulldisclosure/2019/Oct/42http://seclists.org/fulldisclosure/2020/Jan/50https://seclists.org/bugtraq/2019/Oct/30https://seclists.org/bugtraq/2020/Jan/55https://success.trendmicro.com/solution/000149878