{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T13:04:31.580","vulnerabilities":[{"cve":{"id":"CVE-2022-48191","sourceIdentifier":"security@trendmicro.com","published":"2023-01-20T07:15:12.010","lastModified":"2025-04-03T20:15:17.747","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing a escalation of privileges on an affected system."},{"lang":"es","value":"Existe una vulnerabilidad en Trend Micro Maximum Security 2022 (17.7) en la que un usuario con pocos privilegios puede escribir un ejecutable malicioso conocido en una ubicación específica y, en el proceso de eliminación y restauración, un atacante podría reemplazar una carpeta original con un punto de montaje arbitrario. ubicación, lo que permite una escalada de privilegios en un sistema afectado."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-367"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:trendmicro:maximum_security_2022:17.7:*:*:*:*:*:*:*","matchCriteriaId":"7225BF53-129A-4CB7-8E51-8556A81A61B2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://helpcenter.trendmicro.com/en-us/article/tmka-11252","source":"security@trendmicro.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-053/","source":"security@trendmicro.com","tags":["Patch","Third Party Advisory","VDB Entry"]},{"url":"https://helpcenter.trendmicro.com/en-us/article/tmka-11252","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-053/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","VDB Entry"]}]}}]}