OpenCVE

A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Trendmicro	Apex One Worry-free Business Security

Configuration 1 [-]

AND

OR	cpe:2.3:a:trendmicro:apex_one:2019:::::::*
	cpe:2.3:a:trendmicro:apex_one:saas:::::::*
	cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://success.trendmicro.com/solution/000263632
https://success.trendmicro.com/solution/000267260
https://www.zerodayinitiative.com/advisories/ZDI-20-1094/

History

No history.

MITRE

Status: PUBLISHED

Assigner: trendmicro

Published: 2020-09-01T18:55:27

Updated: 2024-08-04T15:19:07.575Z

Reserved: 2020-08-20T00:00:00

Link: CVE-2020-24557

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-09-01T19:15:11.870

Modified: 2024-11-21T05:14:59.217

Link: CVE-2020-24557

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Trend Micro Apex One", "vendor": "Trend Micro", "versions": [{"status": "affected", "version": "2009 (on premise), SaaS"}]}, {"product": "Trend Micro Worry-Free Business Security ", "vendor": "Trend Micro", "versions": [{"status": "affected", "version": "10.0 SP1"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected."}], "problemTypes": [{"descriptions": [{"description": "Improper Access Control Privilege Escalation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-04-22T21:21:21", "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "shortName": "trendmicro"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://success.trendmicro.com/solution/000263632"}, {"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/"}, {"tags": ["x_refsource_MISC"], "url": "https://success.trendmicro.com/solution/000267260"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@trendmicro.com", "ID": "CVE-2020-24557", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Trend Micro Apex One", "version": {"version_data": [{"version_value": "2009 (on premise), SaaS"}]}}, {"product_name": "Trend Micro Worry-Free Business Security ", "version": {"version_data": [{"version_value": "10.0 SP1"}]}}]}, "vendor_name": "Trend Micro"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Access Control Privilege Escalation"}]}]}, "references": {"reference_data": [{"name": "https://success.trendmicro.com/solution/000263632", "refsource": "MISC", "url": "https://success.trendmicro.com/solution/000263632"}, {"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/"}, {"name": "https://success.trendmicro.com/solution/000267260", "refsource": "MISC", "url": "https://success.trendmicro.com/solution/000267260"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:19:07.575Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://success.trendmicro.com/solution/000263632"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://success.trendmicro.com/solution/000267260"}]}]}, "cveMetadata": {"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "assignerShortName": "trendmicro", "cveId": "CVE-2020-24557", "datePublished": "2020-09-01T18:55:27", "dateReserved": "2020-08-20T00:00:00", "dateUpdated": "2024-08-04T15:19:07.575Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"cisaActionDue": "2022-05-03", "cisaExploitAdd": "2021-11-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Trend Micro Multiple Products Improper Access Control Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*", "matchCriteriaId": "AF019D2D-C426-4D2D-A254-442CE777B41E", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:apex_one:saas:*:*:*:*:*:*:*", "matchCriteriaId": "0BD39638-1D52-4FA8-BBA0-305795D7D2E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "FFCE8717-85D2-4F4F-91DF-C6DA341C4E19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected."}, {"lang": "es", "value": "Una vulnerabilidad en Trend Micro Apex One y Worry-Free Business Security 10.0 SP1 en Microsoft Windows puede permitir a un atacante manipular una carpeta de un producto en particular para deshabilitar la seguridad temporalmente, violar una funci\u00f3n espec\u00edfica de Windows y lograr una escalada de privilegios. Un atacante debe primero obtener la capacidad de ejecutar c\u00f3digo poco privilegiado en el sistema objetivo para explotar esta vulnerabilidad. Tenga en cuenta que la versi\u00f3n 1909 (compilaci\u00f3n del SO 18363.719) de Microsoft Windows 10 mitiga los enlaces f\u00edsicos, pero las versiones anteriores est\u00e1n afectadas"}], "id": "CVE-2020-24557", "lastModified": "2024-11-21T05:14:59.217", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-01T19:15:11.870", "references": [{"source": "security@trendmicro.com", "tags": ["Vendor Advisory"], "url": "https://success.trendmicro.com/solution/000263632"}, {"source": "security@trendmicro.com", "tags": ["Vendor Advisory"], "url": "https://success.trendmicro.com/solution/000267260"}, {"source": "security@trendmicro.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://success.trendmicro.com/solution/000263632"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://success.trendmicro.com/solution/000267260"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/"}], "sourceIdentifier": "security@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}