CVE-2020-24557 - A vulnerability in Trend Micro Apex One and Worry-Free Business Security - CVEs Blog

A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected.

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24557

Reference (s):

https://success.trendmicro.com/solution/000263632
URL: https://success.trendmicro.com/solution/000263632
https://success.trendmicro.com/solution/000267260
URL: https://success.trendmicro.com/solution/000267260
https://www.zerodayinitiative.com/advisories/ZDI-20-1094/

CVE-2020-24557 – A vulnerability in Trend Micro Apex One and Worry-Free Business Security

Something Fresh

CVE-2004-1715 - Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 all

CVE-2020-27216 - In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 1

CVE-2020-27212 - STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect acce

What People Reading

CVE-2015-0320 - Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and

CVE-2015-0353 - Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.

CVE-2004-1715 - Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 all

CVE-2020-25698 - Users' enrollment capabilities were not being sufficiently checked in Moo

CVE-2020-26934 - phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the trans

Categories

Partners

Just add here your partners image or promo text