Unrated severityCISA KEVNVD Advisory· Published Mar 18, 2020· Updated Oct 21, 2025

CVE-2020-8599

Description

Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability.

Affected products

Trend Micro/Trend Micro OfficeScan, Trend Micro Apex Onev5
Range: OfficeScan XG (12.0), Apex One 2019 (14.0)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

success.trendmicro.com/jp/solution/000244253mitrex_refsource_MISC
success.trendmicro.com/solution/000245571mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.046
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000