Remote Code Execution Vulnerability in Trend Micro Apex One, OfficeScan XG, and Worry-Free Business Security Servers

Remote Code Execution Vulnerability in Trend Micro Apex One, OfficeScan XG, and Worry-Free Business Security Servers

CVE-2020-8598 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not required to exploit this vulnerability.

Learn more about our Cis Benchmark Audit For Microsoft Office.