CVE-2020-8467
published 2020-03-18CVE-2020-8467: A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary…
PriorityP182high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-05-03
Exploited in the wild
EPSS
10.79%
95.3th percentile
A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| trendmicro | apex_one | — | — |
| trendmicro | officescan | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability exists in the migration tool component of Trend Micro Apex One (2019) and OfficeScan XG; monitor for unusual or unauthorized requests targeting migration tool endpoints ↗
- →Exploitation requires authenticated sessions; monitor for authenticated users making anomalous requests to migration tool functionality, which may indicate credential abuse prior to RCE ↗
- ·This CVE is listed in CISA's Known Exploited Vulnerabilities catalog, confirming active in-the-wild exploitation; treat as high-priority patching target ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
vulncheck8.8HIGH
cisa8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fj9h-545h-php8: A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arb
ghsa_unreviewed·2022-05-24
CVE-2020-8467 [MEDIUM] GHSA-fj9h-545h-php8: A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arb
A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
VulnCheck
Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability
vulncheck·2020·CVSS 8.8
CVE-2020-8467 [HIGH] Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability
Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability
Trend Micro Apex One and OfficeScan contain an unspecified vulnerability within a migration tool component that allows for remote code execution.
Affected: Trend Micro Apex One and OfficeScan
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://success.trendmicro.com/dcx/s/solution/000245571-SECURITY-BULLETIN-Multiple-Critical-Vulnerabilities-in-Trend-Micro-Apex-One-and-OfficeScan; https://therecord.media/hackers-tried-to-exploit-two-zero-days-in-trend-micros-apex-one-edr-platform; https://success.trendmicro.com/en-US/solution/KA-0010281; https://www.cisa.gov/sites/default/files/feeds/known_
CISA
Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability
cisa·2021-11-03·CVSS 8.8
CVE-2020-8467 [HIGH] Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability
Vulnerability: Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability
Affected: Trend Micro Apex One and OfficeScan
Trend Micro Apex One and OfficeScan contain an unspecified vulnerability within a migration tool component that allows for remote code execution.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-8467
Remediation Due Date: 2022-05-03
No detection rules found.
No public exploits indexed.
Tenable
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild
blogs_tenable·2025-08-06·CVSS 9.4
[CRITICAL] CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
CVE-2022-40139: Vulnerability in Trend Micro Apex One Exploited in the Wild
blogs_tenable·2022-09-14·CVSS 7.2
[HIGH] CVE-2022-40139: Vulnerability in Trend Micro Apex One Exploited in the Wild
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Qualys
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys
blogs_qualys·2022-02-23
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys
#### Table of Contents
- Situation
- Directive Scope
- CISA Catalog of Known Exploited Vulnerabilities
- Detect CISA Vulnerabilities Using Qualys VMDR
- CISA Exploited RTI
- Detailed Operational Dashboard
- Remediation
- Federal Enterprises and Agencies Can Act Now
- Summary
- Getting Started
CISA released a directive in November 2021, recommending urgent and prioritized remediation of actively exploited vulnerabilities. Both government agencies and corporations should heed this advice. This blog outlines how Qualys Vulnerability Management, Detection & Response can be used by any organization to respond to this directive efficiently and effectively.
## Situation
Last November 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directiv
Tenable
CVE-2020-8467, CVE-2020-8468: Vulnerabilities in Trend Micro Apex One and OfficeScan Exploited in the Wild
blogs_tenable·2020-03-17·CVSS 8.8
[HIGH] CVE-2020-8467, CVE-2020-8468: Vulnerabilities in Trend Micro Apex One and OfficeScan Exploited in the Wild
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
2020-03-18
Published
2021-11-03
Added to CISA KEV
Exploited in the wild