CVE-2020-8598

CRITICAL Year: 2020
CVSS v3 Score
9.8
Critical
CVSS v2 Score
10.0
Critical
Weakness Type
CWE-306
View all →

Vulnerability Description

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not required to exploit this vulnerability.

Related Vulnerabilities

CVE-2006-0061

CRITICAL
CVSS:9.8(Critical)

xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session.

CWE-3062006

CVE-2006-0062

CRITICAL
CVSS:9.8(Critical)

xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.

CWE-3062006

CVE-2014-3449

CRITICAL
CVSS:9.8(Critical)

BSS Continuity CMS 4.2.22640.0 has an Authentication Bypass vulnerability

CWE-3062014

CVE-2015-2888

CRITICAL
CVSS:9.8(Critical)

Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service.

CWE-3062015

CVE-2016-2004

CRITICAL
CVSS:9.8(Critical)

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerab...

CWE-3062016

CVE-2016-5053

CRITICAL
CVSS:9.8(Critical)

OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000.

CWE-3062016