CVE-2018-18332

Published: Dec 21, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations.

Affected (1)

Products: Trendmicro: Officescan

Trendmicro

1 product

Officescan

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Trendmicro Officescan	Version xg

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

CWE-732

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (2)

https://success.trendmicro.com/solution/1121674

Source: security@trendmicro.com

MitigationVendor Advisory

https://success.trendmicro.com/solution/1121674

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.