CVE-2020-8602

Published: Aug 27, 2020Modified: Nov 21, 2024

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution.

Affected (4)

Products: Trendmicro: Deep Security Manager, Vulnerability Protection

Trendmicro

2 products

Deep Security Manager

Vulnerability Protection

Configuration A

4 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Trendmicro Deep Security Manager	Version 10.0
Trendmicro Deep Security Manager	Version 11.0
Trendmicro Deep Security Manager	Version 12.0
Trendmicro Vulnerability Protection	Version 2.0 sp2

Running on/with	Platform Versions
Microsoft Windows	All versions

References (2)

https://success.trendmicro.com/solution/000252039

Source: security@trendmicro.com

PatchVendor Advisory

https://success.trendmicro.com/solution/000252039

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.