Vulnerability Details CVE-2020-25772
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the target in order to exploit these vulnerabilities. The subs affected in this vulnerability makes it unique compared to similar CVEs such as CVE-2020-24564 and CVE-2020-25771.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.6%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
Products affected by CVE-2020-25772
-
cpe:2.3:a:trendmicro:apex_one:2019
-
cpe:2.3:a:trendmicro:apex_one:saas
-
cpe:2.3:o:microsoft:windows:-