CVE-2020-28575
MEDIUMTrend Micro ServerProtect for Linux 3.0 - Heap-Based Buffer Overflow Privilege Escalation
Title source: llmDescription
A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute high-privileged code on the target in order to exploit this vulnerability.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://success.trendmicro.com/solution/000281950
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-1378/
Scores
CVSS v3
6.7
EPSS
0.0017
EPSS Percentile
38.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (1)
trendmicro/serverprotect
3.0
Published
Dec 01, 2020
Tracked Since
Feb 18, 2026