699 matches found
CVE-2021-25235
An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about a content inspection configuration file...
CVE-2021-25239
An improper access control vulnerability in Trend Micro Apex One on-prem, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86 agent hotfixes...
CVE-2021-25231
An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific hotfix history file...
CVE-2021-25230
An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the contents of a scan connection exception file...
CVE-2020-8467
A migration tool component of Trend Micro Apex One 2019 and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations RCE. An attempted attack requires user authentication...
CVE-2020-28573
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server...
CVE-2020-28577
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names...
CVE-2020-28582
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents...
CVE-2020-28583
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information...
CVE-2020-28576
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information...
CVE-2019-9492
A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. The attacker must have already gained authentication and have local access to the vulnerable...
CVE-2019-19691
A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must already have admin/root privileges on the product console to exploit this vulnerability...
CVE-2017-8801
Trend Micro OfficeScan 11.0 before SP1 CP 6325 with Agent Module Build before 6152 and XG before CP 1352 has XSS via a crafted URI using a blocked website...
Trend Micro OfficeScan Client 10.0 Local Privilege Escalation
Exploit Title: Trend Micro OfficeScan Client 10.0 - ACL Service LPE Date: 2023/05/04 Exploit Author: msd0pe Vendor Homepage: https://www.trendmicro.com My Github: https://github.com/msd0pe-1 Trend Micro OfficeScan Client: Versions = icacls "C:\Program Files x86\Trend Micro\OfficeScan Client"...
Trend Micro OfficeScan Client 10.0 - ACL Service Local Privilege Escalation Vulnerability
Exploit Title: Trend Micro OfficeScan Client 10.0 - ACL Service LPE Exploit Author: msd0pe Vendor Homepage: https://www.trendmicro.com My Github: https://github.com/msd0pe-1 Trend Micro OfficeScan Client: Versions = icacls "C:\Program Files x86\Trend Micro\OfficeScan Client" C:\Program Files...
Trend Micro OfficeScan Client 10.0 - ACL Service LPE
Exploit Title: Trend Micro OfficeScan Client 10.0 - ACL Service LPE Date: 2023/05/04 Exploit Author: msd0pe Vendor Homepage: https://www.trendmicro.com My Github: https://github.com/msd0pe-1 Trend Micro OfficeScan Client: Versions = icacls "C:\Program Files x86\Trend Micro\OfficeScan Client"...
Trend Micro OfficeScan 10 SP1 < 10 SP1 Patch 2329 Multiple Vulnerabilities (000287815)
According to its self-reported version, the Trend Micro OfficeScan application running on the remote host is prior to 10 SP1 Patch 2329. It is, therefore, affected by multiple vulnerabilities: - An improper input validation vulnerability has been identified in business security. This may allow yo...
Trend Micro OfficeScan Directory Traversal Vulnerability
Trend Micro OfficeScan contains a directory traversal vulnerability by extracting files from a zip file to a specific folder on the OfficeScan server, leading to remote code execution...
Trend Micro Multiple Products Content Validation Escape Vulnerability
Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components...
Trend Micro Apex One and OfficeScan Authentication Bypass Vulnerability
Trend Micro Apex One and OfficeScan server contain a vulnerable EXE file that could allow a remote attacker to write data to a path on affected installations and bypass root login...