Trend Micro Malware Sample Detection Bypass Vulnerability (1118797)

critical Nessus Plugin ID 134892

Synopsis

The remote host is running an antivirus engine appication with an outdated pattern file

Description

The remote host is running a version of the Trend Micro engine with an outdated pattern file. It is, therefore, affected by an issue whereby certain malware samples may, incorrectly, be classified as benign.

Solution

Upgrade Trend Micro pattern file to version 13.765.00 or later.

See Also

http://www.nessus.org/u?775a6618

Plugin Details

Severity: Critical

ID: 134892

File Name: trendmicro_1118797.nasl

Version: 1.4

Type: local

Agent: windows

Family: Windows

Published: 3/25/2020

Updated: 11/24/2020

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS Score Rationale: Score based on analysis of vendor advisory

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: manual

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:trend_micro:trend_micro_antivirus

Required KB Items: Antivirus/TrendMicro/installed, Antivirus/TrendMicro/trendmicro_internal_pattern_display_version

Patch Publication Date: 4/16/2019

Vulnerability Publication Date: 4/16/2019