Trend.Micro.ServerProtect.StRpcSrv.dll.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit one of three vulnerabilities in Trend Micro ServerProtect for Windows.
These vulnerabilities are caused by boundary check errors in "RPCFN_CMON_SetSvcImpersonateUser", "RPCFN_ENG_NewManualScan" and "RPCFN_SetComputerName" in StRpcSrv.dll. A remote attacker may exploit this to execute arbitrary code.

affected-products-logoAffected Products

Trend Micro ServerProtect 5.58 Build 1176 for Windows and prior versions.

Impact logoImpact

System compromise: Remote code execution.

recomended-action-logoRecommended Actions

Apply the patch, available from the vendor's web site:
http://www.trendmicro.com/ftp/products/patches/spnt_558_win_en_securitypatch4.exe

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2023-08-01 25.612 Name:Trend.
ServerProtect.
StRpcSrv.
dll.
Buffer.
Overflow:Trend.
Micro.
ServerProtect.
StRpcSrv.
dll.
Buffer.
Overflow