CVE-2019-18187

high

Description

Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication.

References

https://www.tenable.com/blog/cve-2020-8467-cve-2020-8468-vulnerabilities-in-trend-micro-apex-one-and-officescan-exploited-in

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-18187

https://web.archive.org/web/20200215171235/https://success.trendmicro.com/solution/000151730

https://success.trendmicro.com/solution/000151730

Details

Source: Mitre, NVD

Published: 2019-10-28

Updated: 2025-10-30

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.79223