CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-28929
https://notcve.org/view.php?id=CVE-2023-28929
Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started. • https://helpcenter.trendmicro.com/en-us/article/tmka-19062 • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32524 – Trend Micro Mobile Security for Enterprises widgetforsecurity WFUser Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-32524
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32523. This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Mobile Security for Enterprises. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WFUser class defined within the web/widgetforsecurity path. The issue results from improper implementation of the authentication mechanism. An attacker can leverage this vulnerability to bypass authentication on the system. • https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-588 • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32523 – Trend Micro Mobile Security for Enterprises widget WFUser Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-32523
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524. This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Mobile Security for Enterprises. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WFUser class defined within the web/widget path. The issue results from improper implementation of the authentication mechanism. An attacker can leverage this vulnerability to bypass authentication on the system. • https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-587 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 3%CPEs: 1EXPL: 0CVE-2023-32527 – Trend Micro Mobile Security for Enterprises widget getWidgetPoolManager Local File Inclusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32527
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32528. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Mobile Security for Enterprises. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the getWidgetPoolManager function defined within the web/widget path. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of IUSR. • https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-590 •
CVSS: 8.8EPSS: 3%CPEs: 1EXPL: 0CVE-2023-32528 – Trend Micro Mobile Security for Enterprises widgetforsecurity getWidgetPoolManager Local File Inclusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32528
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32527. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Mobile Security for Enterprises. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the getWidgetPoolManager function defined within the web/widgetforsecurity path. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of IUSR. • https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-591 •