CVE-2020-24562 – Trend Micro OfficeScan Hard Link Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-24562
A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This CVE is similar, but not identical to CVE-2020-24556. Una vulnerabilidad en Trend Micro OfficeScan XG SP1 en Microsoft Windows, puede permitir a un atacante crear un enlace físico hacia cualquier archivo del sistema, que luego podría ser manipulado para obtener una escalada de privilegios y una ejecución de código. Un atacante debe primero obtener la capacidad de ejecutar código poco privilegiado en el sistema objetivo para explotar esta vulnerabilidad. • https://success.trendmicro.com/solution/000263633 https://www.zerodayinitiative.com/advisories/ZDI-20-1226 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2020-24563 – Trend Micro Apex One Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-24563
A vulnerability in Trend Micro Apex One may allow a local attacker to manipulate the process of the security agent unload option (if configured), which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target in order to exploit this vulnerability. Una vulnerabilidad en Trend Micro Apex One, puede permitir a un atacante local manipular el proceso de la opción de descarga del agente de seguridad (si está configurada), que luego podría ser manipulado para obtener una escalada de privilegios y una ejecución de código. Un atacante primero debe obtener la capacidad de ejecutar código poco privilegiado sobre el objetivo a fin de explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne Security Agent. • https://success.trendmicro.com/solution/000271974 https://www.zerodayinitiative.com/advisories/ZDI-20-1218 • CWE-287: Improper Authentication •
CVE-2020-24564 – Trend Micro Apex One Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-24564
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the target in order to exploit these vulnerabilities. The subs affected in this vulnerability makes it unique compared to similar CVEs such as CVE-2020-24565 and CVE-2020-25770. Una vulnerabilidad de divulgación de información de lectura fuera de límites en Trend Micro Apex One, puede permitir a un atacante local divulgar información confidencial a una cuenta poco privilegiada en instalaciones vulnerables del producto. Un atacante primero debe obtener la capacidad de ejecutar código poco privilegiado sobre el objetivo a fin de explotar estas vulnerabilidades. • https://success.trendmicro.com/solution/000271974 https://www.zerodayinitiative.com/advisories/ZDI-20-1219 • CWE-125: Out-of-bounds Read •
CVE-2020-25773 – Trend Micro OfficeScan ServerMigrationTool DAT File Parsing Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-25773
A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the target must import a corrupted configuration file. Una vulnerabilidad en el componente ServerMigrationTool de Trend Micro Apex One, podría permitir a un atacante ejecutar código arbitrario en los productos afectados. Es requerida una interacción del usuario para explotar esta vulnerabilidad, ya que el objetivo debe importar un archivo de configuración dañado This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro OfficeScan ServerMigrationTool. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of DAT files. • https://success.trendmicro.com/solution/000271974 https://www.zerodayinitiative.com/advisories/ZDI-20-1224 • CWE-415: Double Free •
CVE-2020-25771 – Trend Micro Apex One scanServer64 Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-25771
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the target in order to exploit these vulnerabilities. The subs affected in this vulnerability makes it unique compared to similar CVEs such as CVE-2020-24564 and CVE-2020-25770. Una vulnerabilidad de divulgación de información de lectura fuera de límites en Trend Micro Apex One, puede permitir a un atacante local divulgar información confidencial a una cuenta poco privilegiada en instalaciones vulnerables del producto. Un atacante primero debe obtener la capacidad de ejecutar código poco privilegiado sobre el objetivo a fin de explotar estas vulnerabilidades. • https://success.trendmicro.com/solution/000271974 https://www.zerodayinitiative.com/advisories/ZDI-20-1223 • CWE-125: Out-of-bounds Read •