In August, Trend Micro fixed an issue to resolve a vulnerability found in the cybersecurity firm's password manager software that potentially could have led to DLL hijacking, privilege escalation, and code execution attacks.
According to SafeBreach Labs, the security flaw was found after the team targeted the "Trend Micro Password Manager Central Control Service," also known as PwmSvc.exe, as the core service runs via the Windows NT AUTHORITY\SYSTEM, a process with high permission levels.
Trend Micro then released a security bulletin describing the security flaw on August 14. Within the advisory, the cybersecurity firm noted that CVE-2019-14687 had also been patched; a similar DLL hijacking bug which impacts a separate DLL to the initial report.
Trend Micro however, is not alone in bolstering its security offering through acquisitions. Earlier this year, FireEye purchased Verodin in a move to validate the effectiveness of cybersecurity controls.
More recently, Broadcom sealed a $10.7 million to purchase Symantec's enterprise security portfolio. The deal gives Broadcom ownership of Symantec's entire enterprise security business as well as the Symantec brand name.