CVE-2020-25779

Name of the Vulnerable Software and Affected Versions Trend Micro Antivirus for Mac 2020 (Consumer)

Description The issue allows an Internationalized Domain Name homograph attack, also known as a Puny-code attack, to be used for adding a malicious website to the list of approved websites. This can bypass the web threat protection feature.

Recommendations For Trend Micro Antivirus for Mac 2020 (Consumer), consider restricting access to the feature that allows adding websites to the approved list until a fix is available. As a temporary workaround, manually monitor and verify the approved websites list to prevent malicious additions.