CVE-2022-40980

3 documents3 sources

Severity

9.1CRITICAL

EPSS

0.6%

top 31.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trend Micro Trend Micro Mobile Security FOR Enterprise Trendmicro Mobile Security

Timeline

PublishedSep 19

Latest updateSep 20

Description

A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9.8 SP5 could allow an attacker with access to the Management Server to delete files. This issue was resolved in 9.8 SP5 Critical Patch 2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages2 packages

▶CVEListV5trend_micro/trend_micro_mobile_security_for_enterprise9.8 SP5

▶NVDtrendmicro/mobile_security9.8

🔴Vulnerability Details

GHSA

GHSA-pm46-3853-ghj5: A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9↗2022-09-20

▶

CVEList

CVE-2022-40980: A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9↗2022-09-19

▶