CVE-2020-25773

A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the target must import a corrupted configuration file.

Published: Sep 29, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-25773
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-415

Affected Software
References

Software	From	Fixed in
trendmicro / apex_one	2019	2019.x
trendmicro / apex_one	saas	saas.x

https://success.trendmicro.com/solution/000271974
https://www.zerodayinitiative.com/advisories/ZDI-20-1224/

Vulnerability Database

290,020

CVE-2020-25773