Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mobile_security
(Trendmicro)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 21 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-06-26 | CVE-2023-35695 | A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file which may contain sensitive information regarding the product. | Mobile_security | 7.5 | ||
| 2022-09-19 | CVE-2022-40980 | A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9.8 SP5 could allow an attacker with access to the Management Server to delete files. This issue was resolved in 9.8 SP5 Critical Patch 2. | Mobile_security | 9.1 | ||
| 2020-02-20 | CVE-2019-14688 | Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run. | Control_manager, Endpoint_sensor, Im_security, Mobile_security, Officescan, Scanmail, Security, Serverprotect | N/A | ||
| 2019-12-18 | CVE-2019-19690 | Trend Micro Mobile Security for Android (Consumer) versions 10.3.1 and below on Android 8.0+ has an issue in which an attacker could bypass the product's App Password Protection feature. | Mobile_security | N/A | ||
| 2018-01-19 | CVE-2017-14082 | An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system. | Mobile_security | 7.5 | ||
| 2017-09-22 | CVE-2017-14081 | Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | Mobile_security | 8.8 | ||
| 2017-09-22 | CVE-2017-14080 | Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password. | Mobile_security | 9.8 | ||
| 2017-09-22 | CVE-2017-14079 | Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | Mobile_security | 8.8 | ||
| 2017-09-22 | CVE-2017-14078 | SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | Mobile_security | 9.8 | ||
| 2017-03-30 | CVE-2016-9319 | There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Application before 9.7.1193, aka VRTS-398. | Mobile_security | 5.9 |