CVE-2018-18332

HIGH

Trend Micro OfficeScan XG - Incorrect Permission Assignment for Critical Resource

Title source: llm
STIX 2.1

Description

A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations.

References (1)

Core 1
Core References
Mitigation, Vendor Advisory x_refsource_confirm
https://success.trendmicro.com/solution/1121674

Scores

CVSS v3 7.5
EPSS 0.0137
EPSS Percentile 68.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-732
Status published
Products (1)
trendmicro/officescan xg
Published Dec 21, 2018
Tracked Since Feb 18, 2026