SB2020083112 - Multiple vulnerabilities in Trend Micro Vulnerability Protection

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Insufficient verification of data authenticity (CVE-ID: CVE-2020-8602)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to insufficient verification of data authenticity issue in management console. A remote administrator can bypass file integrity checks and execute arbitrary code on the target system.

2) Improper Authentication (CVE-ID: CVE-2020-15601)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error when processing authentication requests, if LDAP authentication is enabled. A remote attacker can bypass authentication process and gain unauthorized access to the application.

3) Improper Authentication (CVE-ID: CVE-2020-15605)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error when processing authentication requests within the Vulnerability Protection console, if LDAP authentication is enabled. A remote attacker can bypass authentication process and gain unauthorized access to the application.

Remediation

Install update from vendor's website.

References

• https://success.trendmicro.com/solution/000252039
• https://www.zerodayinitiative.com/advisories/ZDI-20-1077/
• https://www.zerodayinitiative.com/advisories/ZDI-20-1083/