CVE-2020-25773

high

Description

A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the target must import a corrupted configuration file.

References

https://www.zerodayinitiative.com/advisories/ZDI-20-1224/

https://success.trendmicro.com/solution/000271974

Details

Source: Mitre, NVD

Published: 2020-09-29

Updated: 2020-10-02

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics