Back to CVE Browser

CVE-2020-8468

Known Exploited (CISA KEV)HIGH

8.8

CVSS Severity Score

EPSS Score78.7710%

EPSS Percentile98.31th

PublishedMar 18, 2020

Last ModifiedOct 31, 2025

Vulnerability Description

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.

Affected Platforms (CPE)

📦

Trendmicro

Apex One

= 2019

📦

Trendmicro

Officescan

= xg

📦

Trendmicro

Officescan

= xg

📦

Trendmicro

Worry Free Business Security

= 9.0

📦

Trendmicro

Worry Free Business Security

= 9.5

📦

Trendmicro

Worry Free Business Security

= 10.0

📦

Trendmicro

Worry Free Business Security

= 10.0

References & Advisories

🔗 https://success.trendmicro.com/jp/solution/000244253

🔗 https://success.trendmicro.com/jp/solution/000244836

🔗 https://success.trendmicro.com/solution/000245571

🔗 https://success.trendmicro.com/solution/000245572

🔗 https://success.trendmicro.com/jp/solution/000244253

🔗 https://success.trendmicro.com/jp/solution/000244836

🔗 https://success.trendmicro.com/solution/000245571

🔗 https://success.trendmicro.com/solution/000245572

Related Vulnerabilities

CVE-2020-85999.8

Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arb...

CVE-2019-181899.8

A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) ma...

CVE-2020-85989.8

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service ...

CVE-2026-349269.2

Trend Micro Apex One is vulnerable to Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability. Apply mitigations per v...