PT-2020-20232 · Trend Micro · Trend Micro Deep Security+1

Published

2020-08-27

Updated

2021-07-21

CVE-2020-8602

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Trend Micro Deep Security versions 10.0 through 12.0 Trend Micro Vulnerability Protection version 2.0 SP2

Description A vulnerability in the management consoles may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution.

Recommendations For Trend Micro Deep Security versions 10.0 through 12.0, update to a version that includes a fix for this issue. For Trend Micro Vulnerability Protection version 2.0 SP2, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to the management consoles to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-8602

Affected Products

Trend Micro Deep Security

Trend Micro Vulnerability Protection

PT-2020-20232 · Trend Micro · Trend Micro Deep Security+1

CVE-2020-8602

Related Identifiers

Affected Products

References · 3