<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1462084720533760&amp;ev=PageView&amp;noscript=1">
Virsec Security Research Lab

CVE-2020-28578 Trend Micro InterScan Web Security Virtal appliance

Virsec Security Research Lab Vulnerability Analysis

The Virsec Security Research Lab provides detailed analysis on recent and notable security vulnerabilities.

1.1        Vulnerability Summary

The flaw exists in the Java_com_trend_iwss_gui_IWSSJNI_DecryptPasswd function in libuiauutil.so due to improper validation of user-supplied data before copying it to a fixed-size, stack-based buffer via the strcpy function. An unauthenticated, remote attacker can exploit the vulnerability by sending a specially crafted HTTP message to URL /rest/windows_client_status on HTTPS port 8443: The attacker can potentially achieve remote code execution with the privileges of the iscan account.


Watch the video to learn more about this and other important vulnerabilities.

1.2        CVSS Score

CVSS Base score of this vulnerability is 9.8 Critical. (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

1.3        Affected Version

Virtual Appliance 6.5 SP2 is affected

1.4        Vulnerability Attribution

Tenable Inc.

1.5        Risk Impact

Trend Micro InterScanWeb Security Virtual Appliance is an on-premises secure web gateway that gives its end-users protection against dynamic online threats. It also provides users with real-time visibility and control of employee internet usage. Interscan Web Security is also available in the cloud as a service. Clearly, if the security control can be subverted and come under control of the attacker, then the entire organization comes under threat.  A public domain exploit is available here.

1.6        Virsec Security Platform (VSP) Support

The Virsec Security Platform (VSP)- Mem can protect this product and can save its customers from this type of attack.

1.7        Reference Links

Download the full vulnerability report to learn more about this and other important vulnerabilities.