Trend.Micro.Smart.Protection.Server.Notification.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a Remote Code Execution vulnerability in Trend Micro Smart Protection Server.
The vulnerability is due to an error when the vulnerable software attempts to handle a maliciously crafted user input. An attacker can exploit this to execute arbitrary code within the context of the target application, via a crafted request.

affected-products-logoAffected Products

Trend Micro Smart Protection Server Version 2.5
Trend Micro Smart Protection Server Version 2.6
Trend Micro Smart Protection Server Version 3.0

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary code within the context of the target system.

recomended-action-logoRecommended Actions

Apply the latest patch from the vendor.
https://success.trendmicro.com/solution/1114913

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-17 16.982 Sig Added
2019-06-10 14.629 Severity:medium:high