CVE-2017-14079

Name of the Vulnerable Software and Affected Versions Trend Micro Mobile Security (Enterprise) versions prior to 9.7 Patch 3

Description The issue allows remote attackers to execute arbitrary code on vulnerable installations due to unrestricted file uploads. This can be achieved through various file upload functions, including upload img file, upload font file, upload wallpaper file, and upload app file.

Recommendations For versions prior to 9.7 Patch 3, update to version 9.7 Patch 3 or later to resolve the issue. As a temporary workaround, consider restricting or disabling the file upload functionality until a patch is applied. Specifically, restrict access to the upload img file, upload font file, upload wallpaper file, and upload app file functions to minimize the risk of exploitation.