Medium
CVE-2022-37347 CVSS:4.4
Trend Micro Maximum Security could allow a local authenticated attacker to obtain sensitive information, caused by an out-of-bounds read in the User Mode Hooking Monitor Engine. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to escalate privileges and execute arbitrary code in the context of SYSTEM.
CVE-2022-37348 CVSS:4.4
Trend Micro Maximum Security could allow a local authenticated attacker to obtain sensitive information, caused by an out-of-bounds read in the User Mode Hooking Monitor Engine. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to escalate privileges and execute arbitrary code in the context of SYSTEM.
Trend Micro
Refer to Trend Micro Security for patch, upgrade or suggested workaround information.