CVE-2020-8598

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One version 2019 Trend Micro OfficeScan XG versions 9.0 through 10.0 Trend Micro Worry-Free Business Security versions 9.0 through 10.0

Description The server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not required to exploit this issue.

Recommendations For Trend Micro Apex One version 2019, update to a version that includes the fix for the vulnerable service DLL file. For Trend Micro OfficeScan XG versions 9.0 through 10.0, update to a version that includes the fix for the vulnerable service DLL file. For Trend Micro Worry-Free Business Security versions 9.0 through 10.0, update to a version that includes the fix for the vulnerable service DLL file. As a temporary workaround, consider restricting access to the vulnerable service DLL file until a patch is available.