ZDI-CAN-5552: Trend Micro Encryption for Email Gateway LauncherServer DownloadBlackList Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Encryption for Email Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The flaw exists within the LauncherServer. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of root.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trend Micro Encryption for Email |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-CAN-5552?
ZDI-CAN-5552 is considered critical due to the potential for remote code execution.
How do I fix ZDI-CAN-5552?
To fix ZDI-CAN-5552, update your Trend Micro Encryption for Email Gateway to the latest patched version.
What type of vulnerability is ZDI-CAN-5552?
ZDI-CAN-5552 is a remote code execution vulnerability.
Who is affected by ZDI-CAN-5552?
Organizations using vulnerable versions of Trend Micro Encryption for Email Gateway are affected by ZDI-CAN-5552.
Is authentication required to exploit ZDI-CAN-5552?
Yes, authentication is required, but the vulnerability allows for bypassing the existing authentication mechanism.
- agent/references
- agent/softwarecombine
- agent/severity
- agent/title
- agent/type
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-18-416
- alias/ZDI-CAN-5552
- alias/CVE-2018-10354
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/trend micro
- canonical/trend micro encryption for email