CVE-2020-8468
published 2020-03-18


Priority: P182, high, 8.8 (CVSS 3.1)
AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
KEV: CISA Known Exploited Vulnerability, due 2022-05-03
ITW: Exploited in the wild
EPSS: 5.75% (92.1th percentile)

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.

Affected

5 ranges
Vendor | Product | Version range | Fixed in
trendmicro | apex_one | |
trendmicro | officescan | |
trendmicro | worry-free_business_security | |
trendmicro | worry-free_business_security | |
trendmicro | worry-free_business_security | |

Detection & IOCs (extracted from sources)

  • Vulnerability affects Trend Micro Apex One (2019), OfficeScan XG, and Worry-Free Business Security (9.0, 9.5, 10.0) agent components — monitor for unexpected manipulation or tampering of agent client components on endpoints running these products
  • Exploitation requires authenticated access — investigate authenticated sessions or accounts interacting with Trend Micro agent components for anomalous behavior
  • This CVE is listed in CISA KEV, indicating confirmed in-the-wild exploitation — prioritize detection and patching on internet-exposed or enterprise endpoints running affected Trend Micro agents
  • Affected product versions are specifically Apex One (2019), OfficeScan XG, and Worry-Free Business Security versions 9.0, 9.5, and 10.0 — detections should be scoped to these versions only

CVSS provenance

nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P
vulncheck | 8.8 | HIGH
cisa | 8.8 | HIGH