Security News > 2020 > March > Trend Micro Fixes Critical Flaws Under Attack
Two of these vulnerabilities are under active attack.
The first of two flaws under attack is a critical vulnerability that exists in the migration tool component of Apex One and OfficeScan.
While attackers could be remote, an attempted attack for this flaw requires authentication.
According to the advisory, impacted are the software's agents that are "Affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication."
Researchers with Tenable noted in an analysis posted Tuesday, this isn't the first time attackers have singled out Trend Micro.
News URL
Related news
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Critical bug in EoL D-Link NAS devices now exploited in attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)