Vulnerability in Trend Micro Interscan Web Security Virtual Appliance
CVE-2020-8605
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. Authentication is required to exploit this vulnerability.
EPSS: 0.895 (99.6th percentile) — read the EPSS interpretation.
Affected products
- Trend Micro Interscan Web Security Virtual Appliance — versions 6.5
Public proof-of-concept exploits
References
- www.zerodayinitiative.com/advisories/ZDI-20-676/ (x_refsource_MISC)
- success.trendmicro.com/solution/000253095 (x_refsource_MISC)
- packetstormsecurity.com/files/158171/Trend-Micro-Web-Security-Virtual-Appliance… (x_refsource_MISC)
- packetstormsecurity.com/files/158423/Trend-Micro-Web-Security-Remote-Code-Execu… (x_refsource_MISC)
Frequently asked questions
- What is CVE-2020-8605?
- CVE-2020-8605 is a vulnerability in Trend Micro Interscan Web Security Virtual Appliance. Published 2020-05-27.
- Is CVE-2020-8605 known to be exploited?
- 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.