April 29, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Trickbot – Active IOCs
April 22, 2021Rewterz Threat Advisory – CVE-2021-20590 – ICS: Mitsubishi Electric GOT
April 23, 2021Rewterz Threat Alert – Trickbot – Active IOCs
April 22, 2021Rewterz Threat Advisory – CVE-2021-20590 – ICS: Mitsubishi Electric GOT
April 23, 2021
Severity
High
Analysis Summary
CVE-2020-24557
The vulnerability released by Trend Micro is present in products such as Apex One, Apex One as a Service, and OfficeScan. The vulnerability can be exploited by an attacked to manipulate a particular product folder to disable the security temporarily in Microsoft Windows. Once the attacker gains the ability to execute a low-privileged code on the target system, they can abuse a specific Windows function and attain privilege escalation or disable security features. The vulnerability is being exploited in the wild.
Impact
- Privilege Escalation
- Remote Code Execution
Affected Vendors
TrendMicro
Affected Products
- Trend Micro Apex One 2019 prior to Build 8422
- Trend Micro Apex One as a Service prior to Build 202008
- OfficeScan prior to XG SP1 Build 5702
Remediation
Apply the latest critical patches released by Trend Micro at https://appweb.trendmicro.com/SupportNews/NewsDetail.aspx?id=4126
