CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-45334: Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized...

7.8 CVSS

Description

Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions.

Classification

CVE ID: CVE-2024-45334

CVSS Base Severity: HIGH

CVSS Base Score: 7.8

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected Products

Vendor: Trend Micro, Inc.

Product: Trend Micro Antivirus One

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 13.31% (scored less or equal to compared to others)

EPSS Date: 2025-04-11 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: total

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2024-45334
https://helpcenter.trendmicro.com/en-us/article/TMKA-14461

Timeline

2025-03-13 17:40:22 UTC
CVE

Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized...