CVE-2020-8468

Summary

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.

Affected Software

VendorProductVersion RangeStatus
Trend MicroTrend Micro OfficeScan, Trend Micro Apex One, Trend Micro Worry-Free Business Security (WFBS)OfficeScan XG (12.0), Apex One 2019 (14.0), WFBS 9.0, 9.5 and 10.0affected

Weaknesses

  • Content Validation Escape

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

References