CVE-2020-25773

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One (affected versions not specified) Trend Micro OfficeScan (affected versions not specified)

Description A vulnerability in the ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. This requires user interaction, where the target must import a corrupted configuration file.

Recommendations For Trend Micro Apex One, avoid importing configuration files from untrusted sources until a fix is available. For Trend Micro OfficeScan, restrict access to the ServerMigrationTool component to minimize the risk of exploitation. As a temporary workaround, consider disabling the import functionality of the ServerMigrationTool component until a patch is available.