First published: Mon Jun 26 2023(Updated: )
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trend Micro Mobile Security for Enterprises | ||
Trendmicro Mobile Security | =9.8-sp5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-32523 is a critical vulnerability in Trend Micro Mobile Security for Enterprises widget WFUser Authentication Bypass.
CVE-2023-32523 has a severity rating of 9.8, which is considered critical.
CVE-2023-32523 allows remote attackers to bypass authentication on affected installations of Trend Micro Mobile Security for Enterprises, without requiring authentication to exploit the vulnerability.
The vulnerability affects Trend Micro Mobile Security for Enterprises version 9.8, service pack 5 (9.8-sp5).
To fix CVE-2023-32523, it is recommended to upgrade to the latest version of Trend Micro Mobile Security for Enterprises.