Main Vulnerability Database Vulnerabilities #VU73708

Security features bypass in Trend Micro Endpoint Encryption Full Disk Encryption - CVE-2023-28005

Published: March 15, 2023

Vulnerability identifier: #VU73708

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-28005

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Trend Micro

Affected software:
Trend Micro Endpoint Encryption Full Disk Encryption

Detailed vulnerability description

The vulnerability allows an attacker to bypass Secure Boot restrictions.

the vulnerability exists due to incorrect implementation of the Secure Boot feature. An attacker with physical access to device can bypass the Secure Boot restrictions and gain unauthorized access to the system.

How to mitigate CVE-2023-28005

Install updates from vendor's website.

Sources

https://success.trendmicro.com/dcx/s/solution/000292473?language=en_US

Security features bypass in Trend Micro Endpoint Encryption Full Disk Encryption - CVE-2023-28005

Detailed vulnerability description

How to mitigate CVE-2023-28005

Sources

Please verify you're human