9.4

CVE-2020-8470

EPSS 1.12%
Published 18.03.2020 01:15:12
Last modified 21.11.2024 05:38:54
Source security@trendmicro.com
Teams watchlist Login
Open Login

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. Authentication is not required to exploit this vulnerability.

Affected products Warnungen 0 Metrics 3 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Trendmicro ≫ Apex One Version2019

Trendmicro ≫ Officescan Versionxg

Trendmicro ≫ Officescan Versionxg Updatesp1

Trendmicro ≫ Worry-free Business Security Version9.0 Updatesp3

Trendmicro ≫ Worry-free Business Security Version9.5

Trendmicro ≫ Worry-free Business Security Version10.0 Update-

Trendmicro ≫ Worry-free Business Security Version10.0 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.12%	0.773

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	9.4	10	9.2	AV:N/AC:L/Au:N/C:N/I:C/A:C

https://success.trendmicro.com/jp/solution/000244253

Patch

Vendor Advisory

https://success.trendmicro.com/solution/000245571

Patch

Vendor Advisory

https://success.trendmicro.com/jp/solution/000244836

Patch

Vendor Advisory

https://success.trendmicro.com/solution/000245572

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-8470

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-8470

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-8470

EUVD