Vulnerabilities > Trendmicro > Officescan > xg
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-29 | CVE-2020-24562 | Link Following vulnerability in Trendmicro Officescan XG A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. | 7.8 |
| 2020-09-01 | CVE-2020-24559 | Link Following vulnerability in Trendmicro products A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as root. | 7.8 |
| 2020-08-05 | CVE-2020-8607 | Improper Input Validation vulnerability in Trendmicro products An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. | 6.7 |
| 2020-03-18 | CVE-2020-8599 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. | 9.8 |
| 2020-03-18 | CVE-2020-8598 | Missing Authentication for Critical Function vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. | 9.8 |
| 2020-03-18 | CVE-2020-8470 | Unspecified vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. | 7.5 |
| 2020-03-18 | CVE-2020-8468 | Injection vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. | 8.8 |
| 2020-03-18 | CVE-2020-8467 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). | 8.8 |
| 2020-02-20 | CVE-2019-14688 | Uncontrolled Search Path Element vulnerability in Trendmicro products Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. | 7.0 |
| 2019-12-20 | CVE-2019-19691 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. | 4.9 |