CVE-2023-32521

Name of the Vulnerable Software and Affected Versions Trend Micro Mobile Security (Enterprise) version 9.8 SP5

Description A path traversal issue exists in a specific service dll, potentially allowing an unauthenticated remote attacker to delete arbitrary files. This is due to incorrect restriction of directory path names with limited access. The issue could be exploited by a remote attacker to delete files.

Recommendations For Trend Micro Mobile Security (Enterprise) version 9.8 SP5, consider restricting access to the vulnerable service dll as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.