Trend Micro patches critical vulnerabilities for Apex One and OfficeScan

Trend Micro has found and patched numerous high-to-critical vulnerabilities for two of its products, according to a security bulletin on the company’s business support page. The vulnerabilities range from 8-10 on the CVSS scale and, according to Trend Micro, at least one of the patched vulnerabilities are being exploited in the wild. Because of this, the company is urging customers to update the affected products, Trend Micro Apex One and OfficeScan XG, as soon as possible.

There are five vulnerabilities that are mentioned in the security bulletin:

  • CVE-2020-8467: A migration tool component used in both Trend Micro Apex One and OfficeScan is exploitable in that it allows threat actors, namely those who have user authentication, to execute arbitrary code. This vulnerability has a CVSS score of 9.1 and is currently finding activity in the wild.
  • CVE-2020-8468: This is a content validation escape vulnerability that, with user authentication, “could allow an attacker to manipulate certain agent-client components.” With a CVSS score of 8.0, this is on the lower end of some of these patched exploits, however, just like CVE-2020-8467, this is currently being used in the wild.
  • CVE-2020-8470: Earning a 10 on the CVSS scale, this vulnerability stems from a DLL file that, in the words of Trend Micro, “could allow an attacker to delete any file on the server with SYSTEM level privileges.” This can be accomplished without authentication, however, there have been no observed cases of active exploitation. Authentication is not required to exploit this vulnerability.
  • CVE-2020-8598: Similar to CVE-2020-8470, this vulnerability is a 10 on the CVSS scale and also stems from a vulnerable service DLL file. In this case, however, a threat actor can leverage this vulnerability to execute arbitrary code with SYSTEM level privileges. Again, like CVE-2020-8470, this all can be done sans authentication. There are no instances of exploitation at this time.
  • CVE-2020-8599: Is a CVSS level 10 vulnerability, exploitable without authentication, stemming from an EXE file that allows an attacker to bypass ROOT via writing arbitrary data to an arbitrary path.

Don’t wait for the other vulnerabilities to be exploited, which they undoubtedly will, before patching. Install these updates as soon as possible if you use Trend Micro Apex One and OfficeScan.

Featured image: Wikimedia

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Share
Published by
Derek Kortepeter

Recent Posts

Hardware RAID vs. software RAID: Pros and cons for each

RAID is a technique to virtualize independent disks into arrays for improved performance. Should you…

3 days ago

After the plague: What IT will look like in a post-COVID-19 world

COVID-19 has changed everything, but once it disappears, we will not go back to how…

3 days ago

Solved: Outlook defaults to Microsoft 365 version with Exchange server

An Exchange server with a hybrid connection to Microsoft 365 is usually pretty seamless —…

4 days ago

How chatbots are changing the way teams communicate internally

Chatots are primarily thought of as consumer-facing solutions. They bring life to customer interactions by…

4 days ago

Hakbit ransomware campaign targeting specific European countries

The newly uncovered Hakbit ransomware campaign spread via spear-phishing emails may indicate a shift in…

4 days ago

Credential stuffing: Everything you need to know to avoid being a victim

Credential stuffing is yet another weapon being used by cybercriminals. Here’s what credential stuffing is…

5 days ago