Security News > 2020 > March > Trend Micro Fixes Critical Flaws Under Attack
2020-03-18 18:00
Two of these vulnerabilities are under active attack.
The first of two flaws under attack is a critical vulnerability that exists in the migration tool component of Apex One and OfficeScan.
While attackers could be remote, an attempted attack for this flaw requires authentication.
According to the advisory, impacted are the software's agents that are "Affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication."
Researchers with Tenable noted in an analysis posted Tuesday, this isn't the first time attackers have singled out Trend Micro.
News URL
Related news
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)