Unauthenticated File Deletion Vulnerability in Trend Micro Mobile Security for Enterprise
CVE-2022-40980

9.1CRITICAL

Key Information:

Vendor

Trend Micro
Status
Trend Micro Mobile Security For Enterprise
Vendor
CVE Published:
19 September 2022

What is CVE-2022-40980?

A vulnerability exists in Trend Micro Mobile Security for Enterprise 9.8 SP5 that could allow an unauthorized attacker with access to the Management Server to delete files. This issue has been addressed in Critical Patch 2 for 9.8 SP5, enhancing the security of the system.

Affected Version(s)

Trend Micro Mobile Security for Enterprise 9.8 SP5

References

https://files.trendmicro.com/documentation/readme/tmms_sp...
x_refsource_MISC

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.