CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: May 3, 2022

CVE-2020-8468

High

EPSS 18.4%CISA KEV

Trend Micro/Apex One, OfficeScan and Worry-Free Business Security Agents

Description

Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components.

EPSS — Exploit Probability

18.4%

Higher than 95.1% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2020-8468

Risk Assessment

ELEVATED

In CISA KEV

Details

Severity: High
EPSS: 18.4%
CISA KEV: Yes
Ransomware: Unknown
Articles: 0

Timeline

Published

Nov 3, 2021

Added to KEV

Nov 3, 2021

Remediation Due

May 3, 2022

Affected Product

Trend Micro

Apex One, OfficeScan and Worry-Free Business Security Agents

View all Trend Micro CVEs

External Links

NVD (NIST)CVE Details MITRE CVE