How severe is CVE-2020-15604?

CVE-2020-15604 has a CVSS v3 score of 7.5 (HIGH).

CVE-2020-15604

7.5HIGH

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another at

Опубликовано: 9/24/2020Обновлено: 11/21/2024

Описание

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. CWE-494: Update files are not properly verified.

ИИ-АнализНа базе ИИ

Затронутые продукты

trendmicroantivirus\+_2019

trendmicrointernet_security_2019

trendmicromaximum_security_2019

trendmicroofficescan_cloud

trendmicropremium_security_2019

microsoftwindows

Ссылки

https://helpcenter.trendmicro.com/en-us/article/TMKA-09890
Vendor Advisory
https://helpcenter.trendmicro.com/ja-jp/article/TMKA-09673
Vendor Advisory
https://jvn.jp/en/jp/JVN60093979/
Third Party Advisory
https://jvn.jp/jp/JVN60093979/
Third Party Advisory
https://helpcenter.trendmicro.com/en-us/article/TMKA-09890
Vendor Advisory
https://helpcenter.trendmicro.com/ja-jp/article/TMKA-09673
Vendor Advisory
https://jvn.jp/en/jp/JVN60093979/
Third Party Advisory
https://jvn.jp/jp/JVN60093979/
Third Party Advisory