Release Date: December 18, 2019
CVE Vulnerability Identifiers: CVE-2019-19690
Platform: Android 8.0+
CVSS 3.0 Scores: 2.1
Severity Ratings: Low
Summary
Trend Micro has released a new version of Mobile Security for Android (consumer) which resolves an issue where the product's App Password Protection feature can be bypassed.
Affected Versions
| Product | Affected Versions | Platform | Language |
|---|---|---|---|
| Mobile Security | 10.3.1 and below | Android 8.0+ | English |
Solution
Trend Micro has released a new version of the app that resolves this issue:
| Product | Updated Version | Platform | Language |
|---|---|---|---|
| Trend Micro Mobile Security for Android | 11.0.0* | Android | English |
*Please note that this is the minimum version of the app that resolves the issue; however, Trend Micro always recommends that users get the latest version available on their respective app store for the latest protection. The latest version of the app is available now from Google Play.
Vulnerability Details
This update resolves an issue with Trend Micro Mobile Security for Android (consumer) on Android 8.0 and above which could potentially allow an attacker the ability to bypass the product's App Password Protection feature.
Trend Micro has received no reports nor is aware of any actual attacks against the affected product related to this vulnerability at this time.
Acknowledgement
Trend Micro would like to thank the following individual for responsibly disclosing the issue and working with Trend Micro to help protect our customers:
- Mohamed Fadel Khaled Bakir Ali (fb.me/CPUKi11er)
Additional Assistance
Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.