Path Traversal Vulnerability in Trend Micro Mobile Security Solution
CVE-2023-32522

8.1HIGH

Key Information:

Vendor: Trend Micro
Status: Trend Micro Moibile Security For Enterprise
Vendor: CVE Published:; 26 June 2023

Summary

A path traversal vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 potentially allows an authenticated remote attacker to delete arbitrary files on the system. This exploitation requires the attacker to have the ability to execute low-privileged code, making it a nuanced risk. Proper configurations and monitoring are vital to mitigate this security issue and protect sensitive data.

Affected Version(s)

Trend Micro Moibile Security for Enterprise 9.8 SP5 < 9.8.3294

References

https://success.trendmicro.com/dcx/s/solution/000293106?l...

https://www.tenable.com/security/research/tra-2023-17

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 26, 2023
Vulnerability Reserved
May 9, 2023