Vulnerabilities > Trendmicro > Apex ONE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-01 | CVE-2020-24557 | Unspecified vulnerability in Trendmicro Apex ONE and Worry-Free Business Security A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. | 7.8 |
| 2020-09-01 | CVE-2020-24556 | Link Following vulnerability in Trendmicro products A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 and Worry-Free Business Security Services on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. | 7.8 |
| 2020-08-05 | CVE-2020-8607 | Improper Input Validation vulnerability in Trendmicro products An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. | 6.7 |
| 2020-03-18 | CVE-2020-8599 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. | 9.8 |
| 2020-03-18 | CVE-2020-8598 | Missing Authentication for Critical Function vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. | 9.8 |
| 2020-03-18 | CVE-2020-8470 | Unspecified vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. | 7.5 |
| 2020-03-18 | CVE-2020-8468 | Injection vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. | 8.8 |
| 2020-03-18 | CVE-2020-8467 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). | 8.8 |
| 2019-12-20 | CVE-2019-19692 | Cross-site Scripting vulnerability in Trendmicro Apex ONE 2019 Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. | 6.1 |
| 2019-12-20 | CVE-2019-19691 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. | 4.9 |