cnvd - cnvd-2020-52195

cnvd-2020-52195

Vulnerability from cnvd

Title: Trend Micro Apex One权限提升漏洞（CNVD-2020-52195）

Description:

Trend Micro Apex One是一个端点防护解决方案，可提供最广泛的防护功能，包括高准度机器学习与进阶勒索病毒防护。

Trend Micro Apex One中的ApexOne Security Agent的控制对Misc文件夹访问的逻辑存在权限提升漏洞。攻击者可利用该漏洞提升权限并在SYSTEM上下文中执行代码。

Severity: 高

Patch Name: Trend Micro Apex One权限提升漏洞（CNVD-2020-52195）的补丁

Patch Description:

Trend Micro Apex One是一个端点防护解决方案，可提供最广泛的防护功能，包括高准度机器学习与进阶勒索病毒防护。

Trend Micro Apex One中的ApexOne Security Agent的控制对Misc文件夹访问的逻辑存在权限提升漏洞。攻击者可利用该漏洞提升权限并在SYSTEM上下文中执行代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://success.trendmicro.com/solution/000263632

Reference: https://www.zerodayinitiative.com/advisories/ZDI-20-1094/

Impacted products

Name
Trend Micro Apex One

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-24557",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-24557"
    }
  },
  "description": "Trend Micro Apex One\u662f\u4e00\u4e2a\u7aef\u70b9\u9632\u62a4\u89e3\u51b3\u65b9\u6848\uff0c\u53ef\u63d0\u4f9b\u6700\u5e7f\u6cdb\u7684\u9632\u62a4\u529f\u80fd\uff0c\u5305\u62ec\u9ad8\u51c6\u5ea6\u673a\u5668\u5b66\u4e60\u4e0e\u8fdb\u9636\u52d2\u7d22\u75c5\u6bd2\u9632\u62a4\u3002\n\nTrend Micro Apex One\u4e2d\u7684ApexOne Security Agent\u7684\u63a7\u5236\u5bf9Misc\u6587\u4ef6\u5939\u8bbf\u95ee\u7684\u903b\u8f91\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u5e76\u5728SYSTEM\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://success.trendmicro.com/solution/000263632",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-52195",
  "openTime": "2020-09-16",
  "patchDescription": "Trend Micro Apex One\u662f\u4e00\u4e2a\u7aef\u70b9\u9632\u62a4\u89e3\u51b3\u65b9\u6848\uff0c\u53ef\u63d0\u4f9b\u6700\u5e7f\u6cdb\u7684\u9632\u62a4\u529f\u80fd\uff0c\u5305\u62ec\u9ad8\u51c6\u5ea6\u673a\u5668\u5b66\u4e60\u4e0e\u8fdb\u9636\u52d2\u7d22\u75c5\u6bd2\u9632\u62a4\u3002\r\n\r\nTrend Micro Apex One\u4e2d\u7684ApexOne Security Agent\u7684\u63a7\u5236\u5bf9Misc\u6587\u4ef6\u5939\u8bbf\u95ee\u7684\u903b\u8f91\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u5e76\u5728SYSTEM\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Trend Micro Apex One\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2020-52195\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Trend Micro Apex One"
  },
  "referenceLink": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/",
  "serverity": "\u9ad8",
  "submitTime": "2020-09-01",
  "title": "Trend Micro Apex One\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2020-52195\uff09"
}

CVE-2020-24557 (GCVE-0-2020-24557)

Vulnerability from cvelistv5

Published

2020-09-01 18:55

Modified

2025-07-30 01:45

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

Improper Access Control Privilege Escalation

Summary

A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected.

References

▼	URL	Tags
	https://success.trendmicro.com/solution/000263632	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-20-1094/	x_refsource_MISC
	https://success.trendmicro.com/solution/000267260	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Trend Micro

Trend Micro Apex One

Version: 2009 (on premise), SaaS

Trend Micro

Trend Micro Worry-Free Business Security

Version: 10.0 SP1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:19:07.575Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000263632"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000267260"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2020-24557",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-06T19:41:43.764667Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-24557"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:45:36.007Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2020-24557 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Apex One",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2009 (on premise), SaaS"
            }
          ]
        },
        {
          "product": "Trend Micro Worry-Free Business Security ",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "10.0 SP1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Access Control Privilege Escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-22T21:21:21.000Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000263632"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000267260"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2020-24557",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Apex One",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2009 (on premise), SaaS"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Worry-Free Business Security ",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.0 SP1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Please note that version 1909 (OS Build 18363.719) of Microsoft Windows 10 mitigates hard links, but previous versions are affected."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper Access Control Privilege Escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000263632",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000263632"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1094/"
            },
            {
              "name": "https://success.trendmicro.com/solution/000267260",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000267260"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2020-24557",
    "datePublished": "2020-09-01T18:55:27.000Z",
    "dateReserved": "2020-08-20T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:45:36.007Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted