CVE-2022-25330
CRITICALTrend Micro ServerProtect 6.0/5.8 - Integer Overflow to Remote Code Execution
Title source: llmDescription
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
https://success.trendmicro.com/solution/000290507
Exploit, Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2022-05
Scores
CVSS v3
9.8
EPSS
0.0491
EPSS Percentile
89.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-190
Status
published
Products (3)
trendmicro/serverprotect
5.8 (3 CPE variants)
trendmicro/serverprotect_for_network_appliance_filer
5.8
trendmicro/serverprotect_for_storage
6.0
Published
Feb 24, 2022
Tracked Since
Feb 18, 2026