Arbitrary Data Write and ROOT Login Bypass Vulnerability in Trend Micro Apex One and OfficeScan XG Server

Arbitrary Data Write and ROOT Login Bypass Vulnerability in Trend Micro Apex One and OfficeScan XG Server

CVE-2020-8599 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability.

Learn more about our Cis Benchmark Audit For Microsoft Office.