Lucene search

K
cve[email protected]CVE-2020-8470
HistoryMar 18, 2020 - 1:15 a.m.

CVE-2020-8470

2020-03-1801:15:12
web.nvd.nist.gov
79
In Wild
cve-2020-8470
trend micro
apex one
officescan
vulnerability
server
file deletion
dll
nvd

CVSS2

9.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

7.8

Confidence

High

EPSS

0.002

Percentile

61.1%

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. Authentication is not required to exploit this vulnerability.

Affected configurations

NVD
Node
trendmicroapex_oneMatch2019
OR
trendmicroofficescanMatchxg
OR
trendmicroofficescanMatchxgsp1
OR
trendmicroworry-free_business_securityMatch9.0sp3
OR
trendmicroworry-free_business_securityMatch9.5
OR
trendmicroworry-free_business_securityMatch10.0-
OR
trendmicroworry-free_business_securityMatch10.0sp1

CNA Affected

[
  {
    "product": "Trend Micro OfficeScan, Trend Micro Apex One, Trend Micro Worry-Free Business Security (WFBS)",
    "vendor": "Trend Micro",
    "versions": [
      {
        "status": "affected",
        "version": "OfficeScan XG (12.0), Apex One 2019 (14.0), WFBS 9.0, 9.5 and 10.0"
      }
    ]
  }
]

CVSS2

9.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

7.8

Confidence

High

EPSS

0.002

Percentile

61.1%