← Zuruck zu CVEs

CVE-2020-8599

CRITICALCISA KEV

9.8

Beschreibung

Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht3/18/2020

Zuletzt geandert10/31/2025

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerTrend Micro

ProduktApex One and OfficeScan

SchwachstellennameTrend Micro Apex One and OfficeScan Authentication Bypass Vulnerability

KEV Aufnahmedatum2021-11-03

Behebungsfrist2022-05-03

Ransomware-NutzungUnknown

Betroffene Produkte

trendmicro:apex_onetrendmicro:officescan

Referenzen

https://success.trendmicro.com/jp/solution/000244253(security@trendmicro.com)

https://success.trendmicro.com/solution/000245571(security@trendmicro.com)

https://success.trendmicro.com/jp/solution/000244253(af854a3a-2127-422b-91ae-364da2661108)

https://success.trendmicro.com/solution/000245571(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-8599(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.