CVE-2018-18332 — HIGH (7.5)

Vulnerability Description

A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Trendmicro	Officescan	xg
Microsoft	Windows	-

Related Weaknesses (CWE)

CWE-732

References

https://success.trendmicro.com/solution/1121674MitigationVendor Advisory
https://success.trendmicro.com/solution/1121674MitigationVendor Advisory

FAQ

What is CVE-2018-18332?

CVE-2018-18332 is a vulnerability with a CVSS score of 7.5 (HIGH). A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installati...

How severe is CVE-2018-18332?

CVE-2018-18332 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-18332?

Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Officescan, Microsoft Windows.