CVE-2020-24557
- EPSS 2.64%
- Veröffentlicht 01.09.2020 19:15:11
- Zuletzt bearbeitet 31.10.2025 14:42:20
A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain p...
CVE-2020-24558
- EPSS 0.56%
- Veröffentlicht 01.09.2020 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:14:59
A vulnerability in an Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services dll may allow an attacker to manipulate it to cause an out-of-bounds read that crashes multiple processes in the product. An a...
CVE-2020-8607
- EPSS 0.66%
- Veröffentlicht 05.08.2020 14:15:13
- Zuletzt bearbeitet 21.11.2024 05:39:07
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel...
CVE-2020-8468
- EPSS 5.75%
- Veröffentlicht 18.03.2020 01:15:12
- Zuletzt bearbeitet 31.10.2025 14:41:42
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted at...
CVE-2020-8470
- EPSS 4.47%
- Veröffentlicht 18.03.2020 01:15:12
- Zuletzt bearbeitet 21.11.2024 05:38:54
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. Authentication is n...
- EPSS 13.24%
- Veröffentlicht 18.03.2020 01:15:12
- Zuletzt bearbeitet 21.11.2024 05:39:06
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privil...
- EPSS 11.58%
- Veröffentlicht 18.03.2020 01:15:12
- Zuletzt bearbeitet 31.10.2025 14:41:21
Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to expl...
CVE-2020-8467
- EPSS 10.79%
- Veröffentlicht 18.03.2020 01:15:11
- Zuletzt bearbeitet 31.10.2025 14:42:14
A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
CVE-2019-19692
- EPSS 0.74%
- Veröffentlicht 20.12.2019 16:15:12
- Zuletzt bearbeitet 21.11.2024 04:35:12
Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT affected.
CVE-2019-19691
- EPSS 1.16%
- Veröffentlicht 20.12.2019 16:15:11
- Zuletzt bearbeitet 21.11.2024 04:35:12
A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must already have admin/root privileges on the product c...