Vulnerabilities > Trendmicro > Mobile Security

DATE CVE VULNERABILITY TITLE RISK
2023-06-26 CVE-2023-32528 Unspecified vulnerability in Trendmicro Mobile Security 9.8
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32527.
network
low complexity
trendmicro
8.8
2023-06-26 CVE-2023-35695 Information Exposure Through Log Files vulnerability in Trendmicro Mobile Security 9.8
A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file which may contain sensitive information regarding the product.
network
low complexity
trendmicro CWE-532
7.5
2020-02-20 CVE-2019-14688 Uncontrolled Search Path Element vulnerability in Trendmicro products
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation.
network
high complexity
trendmicro microsoft CWE-427
5.1
2019-12-18 CVE-2019-19690 Weak Password Requirements vulnerability in Trendmicro Mobile Security 10.3.1/9.8
Trend Micro Mobile Security for Android (Consumer) versions 10.3.1 and below on Android 8.0+ has an issue in which an attacker could bypass the product's App Password Protection feature.
network
low complexity
trendmicro CWE-521
7.5
2018-01-19 CVE-2017-14082 Information Exposure vulnerability in Trendmicro Mobile Security
An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system.
network
low complexity
trendmicro CWE-200
5.0
2017-09-22 CVE-2017-14081 Command Injection vulnerability in Trendmicro Mobile Security
Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
network
low complexity
trendmicro CWE-77
6.5
2017-09-22 CVE-2017-14080 Improper Authentication vulnerability in Trendmicro Mobile Security 9.7
Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password.
network
low complexity
trendmicro CWE-287
7.5
2017-09-22 CVE-2017-14079 Unrestricted Upload of File with Dangerous Type vulnerability in Trendmicro Mobile Security 9.7
Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
network
low complexity
trendmicro CWE-434
6.5
2017-09-22 CVE-2017-14078 SQL Injection vulnerability in Trendmicro Mobile Security 9.7
SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
network
low complexity
trendmicro CWE-89
critical
10.0
2017-03-31 CVE-2016-9319 Improper Certificate Validation vulnerability in Trendmicro Mobile Security
There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Application before 9.7.1193, aka VRTS-398.
4.3