← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-24557 — Actively Exploited: Apex One, OfficeScan, and Worry-Free Business Security (Trend Micro)

Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation.

CVE IDCVE-2020-24557
VendorTrend Micro
ProductApex One, OfficeScan, and Worry-Free Business Security
Vulnerability nameTrend Micro Multiple Products Improper Access Control Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionTrend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →