Vulnerability Details CVE-2020-8599
Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.584
EPSS Ranking 98.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
Proposed Action
Trend Micro Apex One and OfficeScan server contain a vulnerable EXE file that could allow a remote attacker to write data to a path on affected installations and bypass root login.
Ransomware Campaign
Unknown
References
Products affected by CVE-2020-8599
-
cpe:2.3:a:trendmicro:apex_one:2019
-
cpe:2.3:a:trendmicro:officescan:xg