The Trend Micro Security 2020 (v16) consumer family of products is vulnerable to a security race condition arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate the product’s secure erase feature to delete files with a higher set of privileges.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25775
Reference (s):
- https://helpcenter.trendmicro.com/en-us/article/TMKA-09909
- URL: https://helpcenter.trendmicro.com/en-us/article/TMKA-09909
- https://www.zerodayinitiative.com/advisories/ZDI-20-1227/
- URL: https://www.zerodayinitiative.com/advisories/ZDI-20-1227/