Chris Valasek

**Name of the Vulnerable Software and Affected Versions** Uconnect versions prior to 15.26.1 **Description** The issue allows remote attackers in the same cellular network to control vehicle movement, cause human harm or physical damage, or modify dashboard settings. This is achieved via vectors related to modification of entertainment-system firmware and access of the CAN bus due to insufficient "Radio security protection." A demonstration of this issue was performed on a 2014 Jeep Cherokee Limited FWD. **Recommendations** For versions prior to 15.26.1, update to version 15.26.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Trend Micro ServerProtect versions 5.7 through 5.58 **Description** The issue allows remote attackers to execute arbitrary code, related to obtaining administrative access to the RPC interface. **Recommendations** For versions 5.7 through 5.58, update to a version that fixes this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Trend Micro ServerProtect versions 5.7 through 5.58 **Description** A heap-based buffer overflow issue exists in an unspecified procedure, potentially related to an RPC interface, allowing remote attackers to execute arbitrary code via unknown vectors. **Recommendations** For versions 5.7 through 5.58, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Trend Micro ServerProtect versions 5.7 through 5.58 **Description** A heap-based buffer overflow issue exists in an unspecified procedure, allowing remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC. **Recommendations** For versions 5.7 through 5.58, at the moment, there is no information about a newer version that contains a fix for this issue.

Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014.

Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013.