Trend Micro Mobile Security vulnerabilities
4 known vulnerabilities affecting trend_micro/mobile_security.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2
Vulnerabilities
Page 1 of 1
CVE-2017-14078P2CRITICALCVSS 9.8fixed in 9.7 Patch 32017-09-22
CVE-2017-14078 [CRITICAL] CWE-89 CVE-2017-14078: SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch
SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
nvd
CVE-2017-14079P2HIGHCVSS 8.8fixed in 9.7 Patch 32017-09-22
CVE-2017-14079 [HIGH] CWE-434 CVE-2017-14079: Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 al
Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
nvd
CVE-2017-14080P3CRITICALCVSS 9.8fixed in 9.7 Patch 32017-09-22
CVE-2017-14080 [CRITICAL] CWE-287 CVE-2017-14080: Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7
Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password.
nvd
CVE-2016-3664P4HIGHCVSS 7.4≤ 3.12016-05-23
CVE-2016-3664 [HIGH] CWE-200 CVE-2016-3664: Trend Micro Mobile Security for iOS before 3.2.1188 does not verify the X.509 certificate of the mob
Trend Micro Mobile Security for iOS before 3.2.1188 does not verify the X.509 certificate of the mobile application login server, which allows man-in-the-middle attackers to spoof this server and obtain sensitive information via a crafted certificate.
nvd