Security News > 2020 > March > Trend Micro Fixes Critical Flaws Under Attack
2020-03-18 18:00
Two of these vulnerabilities are under active attack.
The first of two flaws under attack is a critical vulnerability that exists in the migration tool component of Apex One and OfficeScan.
While attackers could be remote, an attempted attack for this flaw requires authentication.
According to the advisory, impacted are the software's agents that are "Affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication."
Researchers with Tenable noted in an analysis posted Tuesday, this isn't the first time attackers have singled out Trend Micro.
News URL
Related news
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Critical Flaws in Traccar GPS System Expose Users to Remote Attacks (source)
- Ransomware attacks escalate as critical sectors struggle to keep up (source)
- Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks (source)
- Russian military hackers linked to critical infrastructure attacks (source)
- Critical SonicWall SSLVPN bug exploited in ransomware attacks (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- Ivanti warns of another critical CSA flaw exploited in attacks (source)
- Critical Ivanti vTM auth bypass bug now exploited in attacks (source)