← volver
CVE-2020-24560

CVE-2020-24560

EPSS 1.8%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.8%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
24 sep 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. CWE-295: Improper server certificate verification in the communication with the update server.
Productos afectados
Trend Micro · Trend Micro Security (Consumer)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://helpcenter.trendmicro.com/en-us/article/TMKA-09890https://helpcenter.trendmicro.com/ja-jp/article/TMKA-09673https://jvn.jp/en/jp/JVN60093979/https://jvn.jp/jp/JVN60093979/