CVE-2020-8598

Summary

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not required to exploit this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Trend MicroTrend Micro OfficeScan, Trend Micro Apex One, Trend Micro Worry-Free Business Security (WFBS)OfficeScan XG (12.0), Apex One 2019 (14.0), WFBS 9.0, 9.5 and 10.0affected

Weaknesses

  • Directory Traversal

ADP Enrichment

CVE Program Container

Additional References

References