vulnerability

Trend Micro OfficeScan: CVE-2020-8468: Improper Neutralization of Special Elements in Output Used by a Downstream Component

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:P/I:P/A:P)	2020-03-18	2025-03-21	2025-03-24

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

2020-03-18

Added

2025-03-21

Modified

2025-03-24

Description

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.

Solution

trend-micro-officescan-upgrade-latest

References

CVE-2020-8468
https://attackerkb.com/topics/CVE-2020-8468
URL-https://success.trendmicro.com/en-US/solution/KA-0010281

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today