CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-15604

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. CWE-494: Update files are not properly verified.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.0%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2020-15604

Trendmicro » Antivirus+ 2019 » Version: 15.0

cpe:2.3:a:trendmicro:antivirus+_2019:15.0
Trendmicro » Internet Security 2019 » Version: 15.0

cpe:2.3:a:trendmicro:internet_security_2019:15.0
Trendmicro » Maximum Security 2019 » Version: 15.0

cpe:2.3:a:trendmicro:maximum_security_2019:15.0
Trendmicro » Officescan Cloud » Version: 15

cpe:2.3:a:trendmicro:officescan_cloud:15
Trendmicro » Premium Security 2019 » Version: 15.0

cpe:2.3:a:trendmicro:premium_security_2019:15.0
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-15604

Products

Pricing

Contact Us