Summary:
Trend Micro antivirus maker has released patches on Monday to address the two zero-days, along with three other similarly critical issues (although, not exploited in the wild, YET).
A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote malicious users to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
Description:
According to the alert, the two zero-days impact the company’s Apex One and OfficeScan XG enterprise security products.
The first of two flaws under attack is a critical vulnerability (CVE-2020-8467) that exists in the migration tool component of Apex One and OfficeScan. The flaw could allow remote code execution on affected installations. While attackers could be remote, an attempted attack for this flaw requires authentication.
The second flaw actively targeted is a high-severity bug (CVE-2020-8468) in Apex One and OfficeScan. According to the advisory, affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.
Affected Products:
Apex One 2019
OfficeScan XG SP1 as well as XG non-SP
Advisory:
https://success.trendmicro.com/solution/000245571
Mitigation:
Customers are encouraged to visit Trend Micro’s Download Center to obtain prerequisite software (such as Service Packs) before applying any of the solutions.