Lucene search
Poh Jia Hao of STAR Labs SG Pte. Ltd.ZDI-23-588HistoryMay 12, 2023 - 12:00 a.m.
Trend Micro Mobile Security for Enterprises widgetforsecurity WFUser Authentication Bypass Vulnerability
2023-05-1200:00:00
Poh Jia Hao of STAR Labs SG Pte. Ltd.
www.zerodayinitiative.com
9
trend micro
mobile security
authentication bypass
vulnerability
wfuser class
0.005 Low
EPSS
Percentile
77.4%
This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Mobile Security for Enterprises. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WFUser class defined within the web/widgetforsecurity path. The issue results from improper implementation of the authentication mechanism. An attacker can leverage this vulnerability to bypass authentication on the system.
Related
cve
cve
CVE-2023-32524
2023-06-26 22:15:10
CVE-2023-32523
2023-06-26 22:15:10
cvelist
cvelist
CVE-2023-32523
2023-06-26 21:53:22
CVE-2023-32524
2023-06-26 21:53:33
nvd
nvd
CVE-2023-32523
2023-06-26 22:15:10
CVE-2023-32524
2023-06-26 22:15:10
prion
prion
Authentication flaw
2023-06-26 22:15:00
Authentication flaw
2023-06-26 22:15:00