Vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 Allows Remote Code Execution as Root

Vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 Allows Remote Code Execution as Root

CVE-2020-8465 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root.

Learn more about our Web App Pen Testing.