
CVE-2017-14078

Trend Micro Mobile Security for Enterprise get_moveto_group_list Device_DeviceId SQL Injection Remote Code Execution Vulnerability

  • Severity Score: 9.8 (CVSS v3)
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: - (SSVC)

Descriptions

SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.

Multiple SQL injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability.
The specific flaw exists within the processing of the get_moveto_group_list action. When parsing the 'id' field, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute arbitrary code under the context of SYSTEM.

*Credits: Steven Seeley (mr_me) of Offensive Security & Roberto Suggi Liverani - @malerisch - http://blog.malerisch.net/
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete

  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: Single
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2017-08-31 CVE Reserved
  • 2017-09-15 CVE Published
  • 2024-04-18 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (67)
URL Tag Source
http://www.securityfocus.com/bid/100966 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-739 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-740 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-741 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-742 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-743 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-744 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-745 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-746 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-747 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-748 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-749 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-750 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-751 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-753 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-754 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-755 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-756 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-757 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-758 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-759 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-760 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-761 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-762 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-763 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-764 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-765 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-766 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-768 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-769 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-770 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-771 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-772 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-773 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-775 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-776 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-777 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-778 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-779 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-780 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-781 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-782 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-783 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-784 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-786 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-787 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-788 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-791 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-792 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-793 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-794 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-795 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-796 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-797 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-798 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-799 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-800 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-801 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-802 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-803 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-804 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-805 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-806 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-808 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-809 Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-17-810 Third Party Advisory
Affected Vendors, Products, and Versions
  • Vendor: Trendmicro
  • Product: Mobile Security
  • Version: 9.7
  • Other: enterprise
  • Status: Affected