# Exploit Title: Trend Micro Maximum Security 2019 - Privilege Escalation
# Exploit Author: hyp3rlinx
# Vendor Homepage:
# Version: Platform Microsoft Windows, Premium Security 2019 (v15), Maximum Security 2019 (v15)
# Internet Security 2019 (v15), Antivirus + Security 2019 (v15)

[+] Credits: John Page (aka hyp3rlinx)		
[+] Website:
[+] Source:
[+] ISR: ApparitionSec     


Trend Micro Security (Consumer) Multiple Products

Trend Micro Security provides comprehensive protection for your devices.
This includes protection against ransomware, viruses, malware, spyware, and identity theft.

[Vulnerability Type]
Persistent Arbitrary Code Execution

[CVE Reference]

[CVSSv3 Scores: 6.7]

[Security Issue]
Trend Micro Security can potentially allow an attackers to use a malicious program to escalate privileges
to SYSTEM integrity and attain persistence on a vulnerable system.

[Product Affected Versions]
Platform Microsoft Windows

Premium Security 2019 (v15) and 2020 (v16)

Maximum Security
2019 (v15) and 2020 (v16)

Internet Security
2019 (v15) and 2020 (v16)
Antivirus + Security
2019 (v15) and 2020 (v16)


Compile C test code "Program.c"

void main(void){

1) Place under c:\ dir.
2) Reboot the machine, the coreServiceShell.exe service loads and executes our binary with SYSTEM integrity.

# [2020-01-19]  #