PT-2020-16198 · Trend Micro · Trend Micro Apex One+1

Michael Deplante

Published

2020-09-25

Updated

2020-10-09

CVE-2020-25774

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One (affected versions not specified) Trend Micro OfficeScan (affected versions not specified)

Description A vulnerability in the ServerMigrationTool component could allow an attacker to trigger an out-of-bounds read information disclosure, which would disclose sensitive information to an unprivileged account. User interaction is required to exploit this issue, where the target must visit a malicious page or open a malicious file.

Recommendations For Trend Micro Apex One, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Trend Micro OfficeScan, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2020-25774

ZDI-20-1225

Affected Products

Trend Micro Apex One

Trend Micro Officescan

PT-2020-16198 · Trend Micro · Trend Micro Apex One+1

CVE-2020-25774

Weakness Enumeration

Related Identifiers

Affected Products

References · 4