9.4

CVE-2020-8470

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. Authentication is not required to exploit this vulnerability.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TrendmicroApex One Version2019
TrendmicroOfficescan Versionxg
TrendmicroOfficescan Versionxg Updatesp1
TrendmicroWorry-free Business Security Version9.0 Updatesp3
TrendmicroWorry-free Business Security Version10.0 Update-
TrendmicroWorry-free Business Security Version10.0 Updatesp1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.12% 0.773
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov 9.4 10 9.2
AV:N/AC:L/Au:N/C:N/I:C/A:C