CVE-2020-8602

A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
trendmicroCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
trendmicrodeep_security_manager
10.0
trendmicrodeep_security_manager
11.0
trendmicrodeep_security_manager
12.0
trendmicrovulnerability_protection
2.0:sp2
𝑥
= Vulnerable software versions
References
https://success.trendmicro.com/solution/000252039
https://success.trendmicro.com/solution/000252039