CVE-2020-8470: 
Trend Micro Apex One Agent vulnerability analysis and mitigation

CVE-2020-8470 is a critical vulnerability affecting Trend Micro Apex One (2019), OfficeScan XG, and Worry-Free Business Security (9.0, 9.5, 10.0) server. The vulnerability was disclosed in March 2020 and involves a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. Notably, this vulnerability does not require authentication to exploit (CERT-EU, NVD).

The vulnerability has been assigned a critical severity rating with a CVSSv3 score of 10.0, which is the highest possible severity score. The vulnerability exists in a service DLL file within the server component of the affected Trend Micro products. The critical nature of this vulnerability stems from the fact that it can be exploited without requiring authentication, potentially allowing attackers to delete arbitrary files with SYSTEM level privileges (CERT-EU).

The exploitation of this vulnerability could allow an attacker to delete any file on the affected server with SYSTEM level privileges. Given that no authentication is required, this presents a significant security risk as attackers could potentially delete critical system files or security-related files, leading to system instability or compromise (CERT-EU).

Trend Micro has released security updates to address this vulnerability. Users of affected products are strongly encouraged to update to the following versions: Apex One (on premise) to CP 2117, OfficeScan XG SP1 to CP 5474, and OfficeScan XG to CP 1988 (CERT-EU).

The security community has expressed significant concern about this vulnerability, particularly due to its critical severity rating and the fact that it requires no authentication to exploit. Trend Micro has emphasized the importance of immediate patching, especially given the potential for system-level access (Threatpost).