CVE-2020-25779 — Insufficient Visual Distinction of Homoglyphs Presented to User in Micro Antivirus FOR MAC

3 documents3 sources

Severity

3.3LOWNVD

EPSS

0.1%

top 77.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trend Micro Antivirus FOR MAC Trendmicro Antivirus

Timeline

PublishedOct 13

Latest updateMay 24

Description

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the web threat protection feature.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

▶NVDtrendmicro/antivirus2020

▶CVEListV5trend_micro/trend_micro_antivirus_for_mac2020 (v10.x)

Patches

Patch: helpcenter.trendmicro.com ↗Patch: helpcenter.trendmicro.com ↗

🔴Vulnerability Details

GHSA

GHSA-gg6r-pgfq-385r: Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used↗2022-05-24

▶

CVEList

CVE-2020-25779: Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used↗2020-10-13

▶