Mobile Security for Enterprise
by Trend Micro
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14078 | Cri | 0.68 | 9.8 | 0.50 | Sep 22, 2017 | SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | ||
| CVE-2017-14080 | Cri | 0.64 | 9.8 | 0.03 | Sep 22, 2017 | Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password. | ||
| CVE-2017-14081 | Hig | 0.59 | 8.8 | 0.17 | Sep 22, 2017 | Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | ||
| CVE-2017-14079 | Hig | 0.58 | 8.8 | 0.11 | Sep 22, 2017 | Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | ||
| CVE-2017-14082 | Hig | 0.49 | 7.5 | 0.04 | Jan 19, 2018 | An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system. | ||
| CVE-2016-9319 | Med | 0.38 | 5.9 | 0.01 | Mar 31, 2017 | There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Application before 9.7.1193, aka VRTS-398. | ||
| CVE-2022-40980 | 0.00 | — | 0.01 | Sep 19, 2022 | A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9.8 SP5 could allow an attacker with access to the Management Server to delete files. This issue was resolved in 9.8 SP5 Critical Patch 2. |
- risk 0.68cvss 9.8epss 0.50
SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
- risk 0.64cvss 9.8epss 0.03
Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password.
- risk 0.59cvss 8.8epss 0.17
Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
- risk 0.58cvss 8.8epss 0.11
Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
- risk 0.49cvss 7.5epss 0.04
An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system.
- risk 0.38cvss 5.9epss 0.01
There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Application before 9.7.1193, aka VRTS-398.
- CVE-2022-40980Sep 19, 2022risk 0.00cvss —epss 0.01
A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9.8 SP5 could allow an attacker with access to the Management Server to delete files. This issue was resolved in 9.8 SP5 Critical Patch 2.