First published: Wed Mar 18 2020(Updated: )
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.
Credit: security@trendmicro.com security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trend Micro Apex One, OfficeScan and Worry-Free Business Security Agents | ||
Trendmicro Apex One | =2019 | |
Trendmicro Officescan | =xg | |
Trendmicro Officescan | =xg-sp1 | |
Trendmicro Worry-free Business Security | =9.0-sp3 | |
Trendmicro Worry-free Business Security | =9.5 | |
Trendmicro Worry-free Business Security | =10.0 | |
Trendmicro Worry-free Business Security | =10.0-sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-8468 is a vulnerability known as Trend Micro Multiple Products Content Validation Escape Vulnerability.
Trend Micro Apex One (2019), OfficeScan XG, and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by CVE-2020-8468.
CVE-2020-8468 has a severity rating of 8.8, which is considered high.
An attacker can exploit CVE-2020-8468 by manipulating certain agent client components, but authentication is required.
To fix CVE-2020-8468, it is recommended to apply the necessary security patches or updates provided by Trend Micro.