Rewterz Threat Alert – LokiBot Malware Targeting Italy – Active IOCs
July 12, 2022Rewterz Threat Advisory – CVE-2020-4150 – IBM SiteProtector Vulnerability
July 12, 2022Rewterz Threat Alert – LokiBot Malware Targeting Italy – Active IOCs
July 12, 2022Rewterz Threat Advisory – CVE-2020-4150 – IBM SiteProtector Vulnerability
July 12, 2022Severity
High
Analysis Summary
CVE-2022-35234
The specific flaw exists within the User Mode Hooking Monitor Engine. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2022-35234
Affected Vendors
Trend Micro
Affected Products
Trend Micro Maximum Security
Remediation
Refer to Trend Micro Security Advisory for patch, upgrade or suggested workaround information.