Security News > 2020 > March > Trend Micro Fixes Critical Flaws Under Attack
2020-03-18 18:00
Two of these vulnerabilities are under active attack.
The first of two flaws under attack is a critical vulnerability that exists in the migration tool component of Apex One and OfficeScan.
While attackers could be remote, an attempted attack for this flaw requires authentication.
According to the advisory, impacted are the software's agents that are "Affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication."
Researchers with Tenable noted in an analysis posted Tuesday, this isn't the first time attackers have singled out Trend Micro.
News URL
Related news
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- Fortinet warns of new critical FortiManager flaw used in zero-day attacks (source)
- FortiManager critical vulnerability under active attack (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Critical bug in EoL D-Link NAS devices now exploited in attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)