Sign-up

ID

VAR-202009-0815


CVE

CVE-2020-25775


TITLE

OfficeScan made by Trend Micro Inc. Vulnerability that can delete arbitrary files in the cloud

Trust: 0.8

sources: JVNDB: JVNDB-2020-009590

DESCRIPTION

The Trend Micro Security 2020 (v16) consumer family of products is vulnerable to a security race condition arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate the product's secure erase feature to delete files with a higher set of privileges. Virus Buster provided by Trend Micro Inc. There is a vulnerability in the cloud that allows low-privileged users to use the product's "data erasure tool" function to delete files with higher permissions. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.Any file or folder may be erased by a third party who has access to the product. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of the Secure Erase feature. The issue results from the lack of proper validation of a user-supplied link prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM

Trust: 2.25

sources: NVD: CVE-2020-25775 // JVNDB: JVNDB-2020-009590 // ZDI: ZDI-20-1227

AFFECTED PRODUCTS

vendor:trendmicromodel:premium security 2020scope:lteversion:16.0

Trust: 1.0

vendor:trendmicromodel:internet security 2020scope:lteversion:16.0

Trust: 1.0

vendor:trendmicromodel:maximum security 2020scope:lteversion:16.0

Trust: 1.0

vendor:trendmicromodel:antivirus\+ 2020scope:lteversion:16.0

Trust: 1.0

vendor:trend micromodel:virus buster cloudscope:eqversion:バージョン 16.0

Trust: 0.8

vendor:trend micromodel:maximum securityscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-20-1227 // JVNDB: JVNDB-2020-009590 // NVD: CVE-2020-25775

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-25775
value: MEDIUM

Trust: 1.0

IPA: JVNDB-2020-009590
value: MEDIUM

Trust: 0.8

ZDI: CVE-2020-25775
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-202009-1650
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2020-25775
severity: MEDIUM
baseScore: 6.3
vectorString: AV:L/AC:M/AU:N/C:N/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

nvd@nist.gov: CVE-2020-25775
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.0
impactScore: 5.2
version: 3.1

Trust: 1.0

IPA score: JVNDB-2020-009590
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-25775
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 1.0
impactScore: 4.2
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-1227 // JVNDB: JVNDB-2020-009590 // CNNVD: CNNVD-202009-1650 // NVD: CVE-2020-25775

PROBLEMTYPE DATA

problemtype:CWE-362

Trust: 1.8

sources: JVNDB: JVNDB-2020-009590 // NVD: CVE-2020-25775

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202009-1650

TYPE

competition condition problem

Trust: 0.6

sources: CNNVD: CNNVD-202009-1650

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-009590

PATCH
title:アラート/アドバイザリ:ウイルスバスター クラウドの脆弱性について(CVE-2020-25775)url:https://helpcenter.trendmicro.com/ja-jp/article/TMKA-09911
Trust: 0.8
title:Trend Micro has issued an update to correct this vulnerability.url:https://helpcenter.trendmicro.com/en-us/article/TMKA-09909
Trust: 0.7
title:Trend Micro Security 2020 Repair measures for the competition condition problem loopholeurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=129828
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-1227 // 
            
            
            
            JVNDB: JVNDB-2020-009590 // 
            
            
            
            CNNVD: CNNVD-202009-1650

EXTERNAL IDS
db:NVDid:CVE-2020-25775
Trust: 3.1
db:ZDIid:ZDI-20-1227
Trust: 2.3
db:JVNDBid:JVNDB-2020-009590
Trust: 1.4
db:JVNid:JVNVU96249940
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-10819
Trust: 0.7
db:NSFOCUSid:50639
Trust: 0.6
db:CNNVDid:CNNVD-202009-1650
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-1227 // 
            
            
            
            JVNDB: JVNDB-2020-009590 // 
            
            
            
            CNNVD: CNNVD-202009-1650 // 
            
            
            
            NVD: CVE-2020-25775

REFERENCES
url:https://helpcenter.trendmicro.com/en-us/article/tmka-09909
Trust: 2.3
url:https://www.zerodayinitiative.com/advisories/zdi-20-1227/
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2020-25775
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-25775
Trust: 0.8
url:https://jvn.jp/vu/jvnvu96249940
Trust: 0.8
url:https://jvndb.jvn.jp/en/contents/2020/jvndb-2020-009590.html
Trust: 0.6
url:http://www.nsfocus.net/vulndb/50639
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-1227 // 
            
            
            
            JVNDB: JVNDB-2020-009590 // 
            
            
            
            CNNVD: CNNVD-202009-1650 // 
            
            
            
            NVD: CVE-2020-25775

CREDITS
Abdelhamid Naceri
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-1227

SOURCES
db:ZDIid:ZDI-20-1227
db:JVNDBid:JVNDB-2020-009590
db:CNNVDid:CNNVD-202009-1650
db:NVDid:CVE-2020-25775

LAST UPDATE DATE
2024-08-14T13:54:31.244000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-1227date:2020-09-28T00:00:00
db:JVNDBid:JVNDB-2020-009590date:2020-11-19T08:11:54
db:CNNVDid:CNNVD-202009-1650date:2020-11-20T00:00:00
db:NVDid:CVE-2020-25775date:2020-10-07T19:04:46.980

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-1227date:2020-09-28T00:00:00
db:JVNDBid:JVNDB-2020-009590date:2020-11-19T08:11:54
db:CNNVDid:CNNVD-202009-1650date:2020-09-28T00:00:00
db:NVDid:CVE-2020-25775date:2020-09-29T00:15:13.440