Remote Code Execution Vulnerability Found In Trend Micro Anti-Threat Toolkit (ATTK)

The Anti-Threat Toolkit (ATTK) by Trend Micro is a dedicated tool for fending off malware infections. However, like any other antimalware, this tool is also prone to security flaws. Recently, a researcher has found a vulnerability in Trend Micro ATTK that allows remote code execution.

Researcher John Page, who goes by the alias hyp3rlinx, has reportedly found a security vulnerability in Trend Micro ATTK.

Explaining about the flaw in his advisory, he stated that the flaw enabled a potential attacker to execute code. Ironically, exploiting this vulnerability could, therefore, permit running malware.

The vulnerability could serve as a persistent vector for running the malware and could execute the code each time ATTK would run.

In addition to the advisory, the researcher has also shared a PoC video for the exploit.

You Might Also Like