First published: Fri Apr 05 2019(Updated: )
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console.
Credit: security@trendmicro.com security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Apex One | <=b1066 | |
Trendmicro Apex One As A Service | <2019-03-27 | |
Trendmicro Business Security | =9.0-sp3 | |
Trendmicro Officescan | =11.0-sp1 | |
Trendmicro Officescan | =xg | |
Trendmicro Officescan | =xg-sp1 | |
Trendmicro Worry-free Business Security | =9.5 | |
Trendmicro Worry-free Business Security | =10.0 | |
Microsoft Windows | ||
All of | ||
Any of | ||
Trendmicro Apex One | <=b1066 | |
Trendmicro Apex One As A Service | <2019-03-27 | |
Trendmicro Business Security | =9.0-sp3 | |
Trendmicro Officescan | =11.0-sp1 | |
Trendmicro Officescan | =xg | |
Trendmicro Officescan | =xg-sp1 | |
Trendmicro Worry-free Business Security | =9.5 | |
Trendmicro Worry-free Business Security | =10.0 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2019-9489 is high, with a severity score of 7.5.
CVE-2019-9489 affects Trend Micro Apex One (version XG and 11.0), OfficeScan (version XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5, and 9.0).
An attacker can exploit CVE-2019-9489 by exploiting the directory traversal vulnerability to modify arbitrary files on the affected product's management console.
To mitigate CVE-2019-9489, it is recommended to apply the necessary security patches provided by Trend Micro.
You can find more information about CVE-2019-9489 on the following links: [Link 1](https://success.trendmicro.com/jp/solution/1122253), [Link 2](https://success.trendmicro.com/solution/1122250).