Security News > 2020 > March > Trend Micro Fixes Critical Flaws Under Attack
2020-03-18 18:00
Two of these vulnerabilities are under active attack.
The first of two flaws under attack is a critical vulnerability that exists in the migration tool component of Apex One and OfficeScan.
While attackers could be remote, an attempted attack for this flaw requires authentication.
According to the advisory, impacted are the software's agents that are "Affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication."
Researchers with Tenable noted in an analysis posted Tuesday, this isn't the first time attackers have singled out Trend Micro.
News URL
Related news
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Critical GitHub Attack (source)
- Critical Cisco Smart Licensing Utility flaws now exploited in attacks (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- Critical auth bypass bug in CrushFTP now exploited in attacks (source)