Unauthenticated File Deletion Vulnerability in Trend Micro Mobile Security for Enterprise
CVE-2022-40980

9.1CRITICAL

Key Information:

Vendor: Trend Micro
Status: Trend Micro Mobile Security For Enterprise
Vendor: CVE Published:; 19 September 2022

Summary

A vulnerability exists in Trend Micro Mobile Security for Enterprise 9.8 SP5 that could allow an unauthorized attacker with access to the Management Server to delete files. This issue has been addressed in Critical Patch 2 for 9.8 SP5, enhancing the security of the system.

Affected Version(s)

Trend Micro Mobile Security for Enterprise 9.8 SP5

References

https://files.trendmicro.com/documentation/readme/tmms_sp...

x_refsource_MISC

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 19, 2022
Vulnerability Reserved
Sep 19, 2022