Vulnerabilities > Trendmicro > Serverprotect > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2022-25329 Use of Hard-coded Credentials vulnerability in Trendmicro products
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console.
network
low complexity
trendmicro CWE-798
7.5
2022-02-24 CVE-2022-25330 Integer Overflow or Wraparound vulnerability in Trendmicro products
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.
network
low complexity
trendmicro CWE-190
7.5
2020-08-05 CVE-2020-8607 Improper Input Validation vulnerability in Trendmicro products
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode.
local
low complexity
trendmicro CWE-20
7.2
2017-05-26 CVE-2017-9036 Missing Authorization vulnerability in Trendmicro Serverprotect 3.0
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory.
local
low complexity
trendmicro CWE-862
7.2