Trend Micro Patches Two Vulnerabilities Exploited in the Wild

Trend Micro has patched several serious vulnerabilities in its Worry-Free Business Security, Apex One and OfficeScan products, including a couple of flaws that have been exploited in the wild.


One of the actively exploited vulnerabilities, tracked as CVE-2020-8467, is related to a migration tool component of Apex One and OfficeScan. It allows a remote, authenticated attacker to execute arbitrary code on affected installations.


The second flaw, tracked as CVE-2020-8468 and described as a content validation escape issue, impacts the agents for Worry-Free Business Security, Apex One and OfficeScan. It allows an authenticated attacker to “manipulate certain agent client components.”


The exploited vulnerabilities were identified by Trend Micro’s own researchers, but no information has been released about the attacks.


Since exploitation of the flaws requires authentication, the attacks involving CVE-2020-8467 and CVE-2020-8468 likely also leveraged other vulnerabilities as well.


This is not the first time malicious actors have exploited vulnerabilities in Trend Micro products. An attack launched last year against Mitsubishi Electric reportedly involved exploitation of a vulnerability in Trend Micro’s OfficeScan product. The attack was attributed to the China-linked threat group known as Tick.


The Trend Micro advisories describing the Apex One and OfficeScan vulnerabilities also inform users that the two products are affected by three other critical weaknesses and these can be exploited without authentication.


Two of the security holes are related to service DLL files and they can be exploited to execute arbitrary code with elevated privileges and to delete any file on the server. The third vulnerab ..

Support the originator by clicking the read the rest link below.