Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mercredi 18 mars 2020

Multiple Critical Vulnerabilities in Trend Micro (CERT-EU Security Advisory 2020-016)

On the 16th of March 2020, Trend Micro has released critical patches for two remote code execution vulnerabilities in Trend Micro Apex One and OfficeScan XG along with other three critical vulnerabilities. Trend Micro confirmed that they identified active attempts against the zero-day vulnerabilities, but without disclosing more details. It is strongly recommended to update, especially because exploits are available and there were attack attempts. Even if the zero-days require user authentication, they could be used in a post-compromise scenario to either disable the security products or elevate the attackers' privileges on machines running the two Trend Micro antivirus products.

Lien vers l'article source

Auteur: Cert EU

Catégories: CertEUNombre de vues: 307


Événements SSI