Apex One Security Vulnerabilities and Issues — Apex One CVE List

Lucene search

TrendmicroApex One

5 matches found

CVE•added 2020/03/18 1:15 a.m.•920 views

CVE-2020-8599

Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability.

10CVSS9.4AI score0.5842EPSS

CVE•added 2020/03/18 1:15 a.m.•908 views

CVE-2020-8467

A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.

8.8CVSS9.4AI score0.07689EPSS

CVE•added 2020/03/18 1:15 a.m.•903 views

CVE-2020-8468

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.

8.8CVSS8.9AI score0.04484EPSS

CVE•added 2020/03/18 1:15 a.m.•98 views

CVE-2020-8598

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not required to exploit t...

10CVSS9.6AI score0.08463EPSS

CVE•added 2020/03/18 1:15 a.m.•96 views

CVE-2020-8470

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. Authentication is not required to exploit this vulnerability.

9.4CVSS7.8AI score0.01122EPSS