Rewterz Threat Advisory – CVE-2020-24557 – Urgent Update Regarding Trend Micro Vulnerability

Rewterz Threat Alert – Trickbot – Active IOCs

April 22, 2021

Rewterz Threat Advisory – CVE-2021-20590 – ICS: Mitsubishi Electric GOT

April 23, 2021

Rewterz Threat Advisory – CVE-2020-24557 – Urgent Update Regarding Trend Micro Vulnerability

Severity

High

Analysis Summary

CVE-2020-24557

The vulnerability released by Trend Micro is present in products such as Apex One, Apex One as a Service, and OfficeScan. The vulnerability can be exploited by an attacked to manipulate a particular product folder to disable the security temporarily in Microsoft Windows. Once the attacker gains the ability to execute a low-privileged code on the target system, they can abuse a specific Windows function and attain privilege escalation or disable security features. The vulnerability is being exploited in the wild.

Impact

Privilege Escalation
Remote Code Execution

Affected Vendors

TrendMicro

Affected Products

Trend Micro Apex One 2019 prior to Build 8422
Trend Micro Apex One as a Service prior to Build 202008
OfficeScan prior to XG SP1 Build 5702

Remediation

Apply the latest critical patches released by Trend Micro at https://appweb.trendmicro.com/SupportNews/NewsDetail.aspx?id=4126

Rewterz Annual Threat Intelligence Report 2025 - Download Now

Rewterz Threat Alert – Trickbot – Active IOCs

Rewterz Threat Advisory – CVE-2021-20590 – ICS: Mitsubishi Electric GOT

Rewterz Threat Advisory – CVE-2020-24557 – Urgent Update Regarding Trend Micro Vulnerability

Severity

Analysis Summary

CVE-2020-24557

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan