Is CVE-2020-8604 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Trend Micro Interscan Web Security Virtual Appliance

CVE-2020-8604

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations.

EPSS: 0.829 (99.3th percentile) — read the EPSS interpretation.

Affected products

Trend Micro Interscan Web Security Virtual Appliance — versions 6.5

Public proof-of-concept exploits

References

www.zerodayinitiative.com/advisories/ZDI-20-678/ (x_refsource_MISC)
success.trendmicro.com/solution/000253095 (x_refsource_MISC)
packetstormsecurity.com/files/158171/Trend-Micro-Web-Security-Virtual-Appliance… (x_refsource_MISC)
packetstormsecurity.com/files/158423/Trend-Micro-Web-Security-Remote-Code-Execu… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-8604?: CVE-2020-8604 is a vulnerability in Trend Micro Interscan Web Security Virtual Appliance. Published 2020-05-27.
Is CVE-2020-8604 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.