CVE-2020-8470 Information
Feb 14, 2021
cve
Description
Trend Micro Apex One (2019) OfficeScan XG and Worry-Free Business Security (9.0 9.5 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. Authentication is not required to exploit this vulnerability.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Reference
https://success.trendmicro.com/jp/solution/000244253 https://success.trendmicro.com/jp/solution/000244836 https://success.trendmicro.com/solution/000245571 https://success.trendmicro.com/solution/000245572
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
HIGH
Base Score
NONE
Base Severity
7.5
Share on: