A vulnerability was found in Trend Micro OfficeScan XG (Anti-Malware Software) (affected version not known). It has been declared as critical. This vulnerability affects some unknown functionality of the component File Permission. The manipulation with an unknown input leads to a permission vulnerability. The CWE definition for the vulnerability is CWE-275. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations.

The bug was discovered 12/05/2018. The weakness was shared 12/21/2018 (Website). The advisory is shared for download at success.trendmicro.com. This vulnerability was named CVE-2018-18332 since 10/15/2018. The exploitation appears to be easy. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. There are neither technical details nor an exploit publicly available. The current price for an exploit might be approx. USD $5k-$25k (estimation calculated on 04/23/2020). The MITRE ATT&CK project declares the attack technique as T1222.

The vulnerability was handled as a non-public zero-day exploit for at least 16 days. During that time the estimated underground price was around $5k-$25k.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The entry 128283 is related to this item.

Productinfo

Type

• Anti-Malware Software

Vendor

• Trend Micro

Name

• OfficeScan XG

License

• commercial

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion