Path Traversal Vulnerability in Trend Micro Mobile Security Service DLL
CVE-2023-32521

9.1CRITICAL

Key Information:

Vendor: Trend Micro
Status: Trend Micro Moibile Security For Enterprise
Vendor: CVE Published:; 26 June 2023

Summary

A path traversal vulnerability exists in a specific service DLL of Trend Micro Mobile Security (Enterprise) version 9.8 SP5. This flaw may allow an unauthenticated remote attacker to exploit the vulnerability and potentially delete arbitrary files on the server. Proper security measures and patches are recommended to mitigate this issue.

Affected Version(s)

Trend Micro Moibile Security for Enterprise 9.8 SP5 < 9.8.3294

References

https://success.trendmicro.com/dcx/s/solution/000293106?l...

https://www.tenable.com/security/research/tra-2023-17

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 26, 2023
Vulnerability Reserved
May 9, 2023