Security News > 2020 > January > Trend Micro OfficeScan Flaw Apparently Exploited in Mitsubishi Electric Hack
A cyberattack disclosed recently by Mitsubishi Electric, which resulted in hackers gaining access to the company's network and stealing corporate data, likely involved exploitation of a vulnerability in Trend Micro's OfficeScan product.
Mitsubishi Electric is a top contractor for Japan's military and infrastructure, but the company said in its data breach notice that no infrastructure-related information was impacted in the hack.
"The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication," Trend Micro explained in an advisory last year.
"Exploiting these type of vulnerabilities generally require that an attacker has access to a vulnerable machine," Trend Micro said in October last year.
SecurityWeek has reached out to Trend Micro via email to inquire about the Mitsubishi Electric incident.