CVE-2018-18332
HIGHTrendmicro Officescan - Incorrect Permission Assignment
Title source: ruleDescription
A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations.
References (1)
Core 1
Core References
Mitigation, Vendor Advisory x_refsource_confirm
https://success.trendmicro.com/solution/1121674
Scores
CVSS v3
7.5
EPSS
0.0023
EPSS Percentile
45.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-732
Status
published
Products (1)
trendmicro/officescan
xg
Published
Dec 21, 2018
Tracked Since
Feb 18, 2026