CVE-2022-35234

7.1 HIGH

📋 TL;DR

Trend Micro Security 2021 and 2022 (Consumer) contain an out-of-bounds read vulnerability that could allow an attacker to read sensitive information from memory and cause application crashes. This affects consumer versions of Trend Micro Security software running on Windows systems.

💻 Affected Systems

Products:
  • Trend Micro Security 2021
  • Trend Micro Security 2022
Versions: Consumer versions prior to the patched release
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Consumer editions only; business/enterprise editions may have different vulnerability status

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker could read sensitive information from memory (potentially including credentials, encryption keys, or other protected data) and cause denial of service through application crashes.

🟠 Likely Case

Information disclosure of memory contents and application instability/crashes affecting the Trend Micro Security software.

🟢 If Mitigated

Limited information disclosure with minimal operational impact if proper network segmentation and endpoint protections are in place.

🌐 Internet-Facing: LOW (Consumer antivirus software typically not directly internet-facing)
🏢 Internal Only: MEDIUM (Requires local access or ability to execute code on target system)

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to execute code on target system; no public exploit code available at time of advisory

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in Trend Micro Security updates (specific version numbers in vendor advisory)

Vendor Advisory: https://helpcenter.trendmicro.com/en-us/article/tmka-11058

Restart Required: Yes

Instructions:

1. Open Trend Micro Security
2. Click 'Check for Updates'
3. Install all available updates
4. Restart computer when prompted

🔧 Temporary Workarounds

Temporarily Disable Trend Micro Protection (Windows)

Disable real-time protection temporarily if patching cannot be immediately performed (NOT RECOMMENDED except as emergency measure)

Right-click Trend Micro icon in system tray > Pause Protection

🧯 If You Can't Patch

  • Restrict local user privileges to prevent execution of untrusted code
  • Implement network segmentation to limit lateral movement potential

🔍 How to Verify

Check if Vulnerable:

Check Trend Micro Security version against patched versions listed in vendor advisory TMKA-11058

Check Version:

Open Trend Micro Security > Click 'About' or check version in program interface

Verify Fix Applied:

Verify Trend Micro Security shows no available updates and version matches or exceeds patched version

📡 Detection & Monitoring

Log Indicators:

  • Trend Micro application crash logs
  • Unexpected memory access errors in system logs

Network Indicators:

  • Unusual local process communication attempts to Trend Micro services

SIEM Query:

Process:trendmicro.exe AND (EventID:1000 OR ExceptionCode:c0000005)
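
The query above, expressed as a local search of the Windows Application log. This is an added example, not code from the vendor or the original page; the process-name pattern is taken from the page's query and the lookback window is an assumed default, so adjust both to the installed product.

```powershell
# Added example (not vendor code): find crash records matching the page's
# SIEM query in the local Windows Application log.
$ProcessPattern = 'trendmicro'   # from the page's query; adjust to the installed executable names (assumption)
$ExceptionCode  = 'c0000005'     # access violation, as in the page's query
$LookbackDays   = 7              # constructed default

$filter = @{
    LogName      = 'Application'
    ProviderName = 'Application Error'
    Id           = 1000
    StartTime    = (Get-Date).AddDays(-$LookbackDays)
}

# Get-WinEvent reports an error when no event matches, so suppress it and
# treat "no events" as an empty result.
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

$hits = foreach ($e in $events) {
    # Event 1000 data fields: [0] application name, [3] faulting module,
    # [6] exception code, [7] fault offset.
    if ($e.Properties.Count -lt 8) { continue }
    $app  = [string]$e.Properties[0].Value
    $code = ([string]$e.Properties[6].Value) -replace '^0x', ''
    if ($app -match [regex]::Escape($ProcessPattern) -and $code -ieq $ExceptionCode) {
        [pscustomobject]@{
            Time   = $e.TimeCreated
            App    = $app
            Module = [string]$e.Properties[3].Value
            Offset = [string]$e.Properties[7].Value
        }
    }
}

# Repeated crashes at the same module and offset are the pattern worth escalating.
$hits | Group-Object App, Module, Offset |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

An empty result means no matching crash was logged in the lookback window, not that the host is patched; confirm the version against the vendor advisory.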
