Vulnerabilities > Trendmicro > Mobile Security > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-26 CVE-2023-32522 Path Traversal vulnerability in Trendmicro Mobile Security 9.8
A path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
network
low complexity
trendmicro CWE-22
8.1
2023-06-26 CVE-2023-32523 Improper Authentication vulnerability in Trendmicro Mobile Security 9.8
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524.
network
low complexity
trendmicro CWE-287
8.8
2023-06-26 CVE-2023-32524 Improper Authentication vulnerability in Trendmicro Mobile Security 9.8
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32523.
network
low complexity
trendmicro CWE-287
8.8
2023-06-26 CVE-2023-32527 Unspecified vulnerability in Trendmicro Mobile Security 9.8
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32528.
network
low complexity
trendmicro
8.8
2023-06-26 CVE-2023-32528 Unspecified vulnerability in Trendmicro Mobile Security 9.8
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32527.
network
low complexity
trendmicro
8.8
2023-06-26 CVE-2023-35695 Information Exposure Through Log Files vulnerability in Trendmicro Mobile Security 9.8
A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file which may contain sensitive information regarding the product.
network
low complexity
trendmicro CWE-532
7.5
2019-12-18 CVE-2019-19690 Weak Password Requirements vulnerability in Trendmicro Mobile Security 10.3.1/9.8
Trend Micro Mobile Security for Android (Consumer) versions 10.3.1 and below on Android 8.0+ has an issue in which an attacker could bypass the product's App Password Protection feature.
network
low complexity
trendmicro CWE-521
7.5
2017-09-22 CVE-2017-14080 Improper Authentication vulnerability in Trendmicro Mobile Security 9.7
Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password.
network
low complexity
trendmicro CWE-287
7.5