Release Date: September 6, 2024
Trend Micro Vulnerability Identifier: CVE-2024-45334
Platform(s): Mac OS
CVSSv3 Scores: 5.4
Summary
Trend Micro has released an updated version of Antivirus One, a family of consumer products for macOS, which resolves a Safety Server Incorrect Permission Arbitrary Configuration Update vulnerability.
Affected version(s)
| PRODUCT | AFFECTED VERSION(S) | PLATFORM | LANGUAGE(S) |
|---|---|---|---|
| Trend Micro Antivirus One | Version 3.10.4 | macOS | English |
Solution
Trend Micro has released an update via ActiveUpdate that resolves the issue.
| PRODUCT | UPDATED VERSION(S) | PLATFORM | LANGUAGE(S) |
|---|---|---|---|
| Trend Micro Antivirus One | Version 3.10.6 or higher | macOS | English |
Vulnerability Details
Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions.
Trend Micro has received no reports nor is aware of any actual attacks against the affected product related to this vulnerability at this time.
Mitigating Factors
It is recommended to update to the latest version of the product.
Additional Assistance
Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.
External Reference
- ZDI-CAN-24181
