CVE-2020-24557 – Trend Micro Multiple Products Improper Access Control Vulnerability
https://notcve.org/view.php?id=CVE-2020-24557
A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected. Una vulnerabilidad en Trend Micro Apex One y Worry-Free Business Security 10.0 SP1 en Microsoft Windows puede permitir a un atacante manipular una carpeta de un producto en particular para deshabilitar la seguridad temporalmente, violar una función específica de Windows y lograr una escalada de privilegios. Un atacante debe primero obtener la capacidad de ejecutar código poco privilegiado en el sistema objetivo para explotar esta vulnerabilidad. • https://success.trendmicro.com/solution/000263632 https://success.trendmicro.com/solution/000267260 https://www.zerodayinitiative.com/advisories/ZDI-20-1094 •
CVE-2020-24556 – Trend Micro Apex One Hard Link Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-24556
A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 and Worry-Free Business Security Services on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected. Una vulnerabilidad en Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 y Worry-Free Business Security Services en Microsoft Windows, puede permitir a un atacante crear un enlace físico para cualquier archivo en el sistema, que luego podría manipularse para obtener una escalada de privilegios y una ejecución de código. Un atacante debe primero obtener la capacidad de ejecutar código poco privilegiado en el sistema objetivo para explotar esta vulnerabilidad. • https://success.trendmicro.com/solution/000263632 https://success.trendmicro.com/solution/000263633 https://success.trendmicro.com/solution/000267260 https://www.zerodayinitiative.com/advisories/ZDI-20-1093 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2020-24559 – Trend Micro Apex One Hard Link Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-24559
A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as root. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad en Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 y Worry-Free Business Security Services en macOS, puede permitir a un atacante manipular un determinado binario para cargar y ejecutar un script desde una carpeta editable por el usuario, lo que luego les permitiría ejecutar código arbitrario como root. Un atacante debe primero obtener la capacidad de ejecutar código poco privilegiado en el sistema objetivo para explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne Security Agent. • https://success.trendmicro.com/solution/000263632 https://success.trendmicro.com/solution/000267260 https://www.zerodayinitiative.com/advisories/ZDI-20-1096 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2020-8607
https://notcve.org/view.php?id=CVE-2020-8607
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability. Una vulnerabilidad de comprobación de entrada que se encuentra en varios productos de Trend Micro que usan una versión particular de un controlador de protección de rootkit específico, podría permitir a un atacante en modo usuario con permisos de administrador abusar del controlador para modificar una dirección del kernel que puede causar un bloqueo del sistema o potencialmente conllevar a una ejecución de código en modo kernel. Un atacante ya debe haber obtenido acceso de administrador en la máquina de destino (legítimamente o mediante un ataque no relacionado separado) para explotar esta vulnerabilidad • https://jvn.jp/en/vu/JVNVU99160193/index.html https://jvn.jp/vu/JVNVU99160193 https://success.trendmicro.com/jp/solution/000260748 https://success.trendmicro.com/solution/000260713 • CWE-20: Improper Input Validation •
CVE-2020-8598
https://notcve.org/view.php?id=CVE-2020-8598
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not required to exploit this vulnerability. El servidor de Trend Micro Apex One (2019), OfficeScan XG y Worry-Free Business Security versiones (9.0, 9.5, 10.0), contienen un archivo DLL de servicio vulnerable que podría permitir a un atacante remoto ejecutar código arbitrario en instalaciones afectadas con privilegios de nivel SYSTEM. No es requerida una autenticación para explotar esta vulnerabilidad. • https://success.trendmicro.com/jp/solution/000244253 https://success.trendmicro.com/jp/solution/000244836 https://success.trendmicro.com/solution/000245571 https://success.trendmicro.com/solution/000245572 • CWE-306: Missing Authentication for Critical Function •