CVE-2020-24557
Trend Micro Multiple Products Improper Access Control Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
YesDecision
Descriptions
A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected.
Una vulnerabilidad en Trend Micro Apex One y Worry-Free Business Security 10.0 SP1 en Microsoft Windows puede permitir a un atacante manipular una carpeta de un producto en particular para deshabilitar la seguridad temporalmente, violar una función específica de Windows y lograr una escalada de privilegios. Un atacante debe primero obtener la capacidad de ejecutar código poco privilegiado en el sistema objetivo para explotar esta vulnerabilidad. Tenga en cuenta que la versión 1909 (compilación del SO 18363.719) de Microsoft Windows 10 mitiga los enlaces físicos, pero las versiones anteriores están afectadas
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the ApexOne Security Agent. The specific flaw exists within the logic that controls access to the Misc folder. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM.
Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-08-20 CVE Reserved
- 2020-08-31 CVE Published
- 2021-11-03 Exploited in Wild
- 2022-05-03 KEV Due Date
- 2024-08-04 CVE Updated
- 2024-08-25 EPSS Updated
- ---------- First Exploit
CWE
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-20-1094 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://success.trendmicro.com/solution/000263632 | 2022-07-12 | |
| https://success.trendmicro.com/solution/000267260 | 2022-07-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Trendmicro Search vendor "Trendmicro" | Apex One Search vendor "Trendmicro" for product "Apex One" | 2019 Search vendor "Trendmicro" for product "Apex One" and version "2019" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Trendmicro Search vendor "Trendmicro" | Apex One Search vendor "Trendmicro" for product "Apex One" | saas Search vendor "Trendmicro" for product "Apex One" and version "saas" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Trendmicro Search vendor "Trendmicro" | Worry-free Business Security Search vendor "Trendmicro" for product "Worry-free Business Security" | 10.0 Search vendor "Trendmicro" for product "Worry-free Business Security" and version "10.0" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|