PT-2022-17217 · Trend Micro · Trend Micro Serverprotect

Published

2022-02-24

Updated

2022-03-03

CVE-2022-25330

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Trend Micro ServerProtect versions 5.8 through 6.0

Description The issue is related to integer overflow conditions in the Trend Micro ServerProtect Information Server, which could allow a remote attacker to crash the process or achieve remote code execution.

Recommendations For Trend Micro ServerProtect versions 5.8 through 6.0, update to a version that includes a fix for the integer overflow conditions to prevent remote code execution and process crashes.

Exploit

Fix

RCE

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2022-25330

Affected Products

Trend Micro Serverprotect

PT-2022-17217 · Trend Micro · Trend Micro Serverprotect

CVE-2022-25330

Weakness Enumeration

Related Identifiers

Affected Products

References · 6