Two Trend Micro zero-days exploited in the wild by hackers

mood · Mar 18, 2020

Two Trend Micro zero-days exploited in the wild by hackers
Patches for both zero-days were released on Monday
March 17, 2020
https://www.zdnet.com/article/two-trend-micro-zero-days-exploited-in-the-wild-by-hackers/

Hackers tried to exploit two zero-days in Trend Micro antivirus products, the company said in a security alert this week.

The Japanese antivirus maker has released patches on Monday to address the two zero-days, along with three other similarly critical issues (although, not exploited in the wild).
According to the alert, the two zero-days impact the company's Apex One and OfficeScan XG enterprise security products.

These two zero-days mark the second and third Trend Micro antivirus bugs exploited in the wild in the last year.
Click to expand...

ZERO-DAY DETAILS
Per Trend Micro's security bulletin, the two zero-days are:

1. CVE-2020-8467: CVSS 9.1 (CRITICAL) - A migration tool component of Trend Micro Apex One and OfficeScan contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
2. CVE-2020-8468: CVSS 8.0 (HIGH) - Trend Micro Apex One and OfficeScan agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.

The two zero-days were most likely used to either disable the security products or elevate the attackers' privileges on machines running the two Trend Micro antivirus products.
Click to expand...

THREE OTHER MAJOR ISSUES
However, despite being exploited in live attacks, the two zero-days were not the worst bugs detailed in Trend Micro recent security bulletin.

The company also warned about the presence of three other vulnerabilities, all of which received a severity rating of 10 out of 10 on the CVSSv3 vulnerability scale.
According to this rating, these vulnerabilities can be exploited remotely over the internet, require no authentication, and allow full control over the antivirus (and inherently the underlying operating system).
Click to expand...

Log in or Sign up

Two Trend Micro zero-days exploited in the wild by hackers

mood Updates Team

Log in or Sign up

Two Trend Micro zero-days exploited in the wild by hackers

mood Updates Team

Useful Searches