Operating System:

[WIN]

Published:

18 September 2017

Protect yourself against future threats.

//Service

Incident Management

Whether it is proactive or reactive services you're after, we will help you detect, interpret and respond to attacks from across the globe.

Read more
Resources > Security Bulletins > ASB-2017.0150 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2017.0150
                 Trend Micro Mobile Security (Enterprise)
                             18 September 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Trend Micro Mobile Security (Enterprise)
Operating System:     Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                      Increased Privileges            -- Remote/Unauthenticated
                      Administrator Compromise        -- Existing Account      
                      Modify Arbitrary Files          -- Existing Account      
Resolution:           Patch/Upgrade
CVE Names:            CVE-2017-14081 CVE-2017-14080 CVE-2017-14079
                      CVE-2017-14078  
Member content until: Wednesday, October 18 2017
Reference:            https://success.trendmicro.com/solution/1118224

OVERVIEW

        Multiple vulnerabilities have been identified in Trend Micro Mobile
        Security (ENT) prior to version 9.7 Patch 3 [1]


IMPACT

        Trend Micro have provided the following details regarding the 
        vunlnerabilities:
        
        "Release Date: September 13, 2017
        
        CVE Identifier(s): CVE-2017-14078, 14079, 14080, 14081
        
        CVSS 2.0 Score(s): 6.5 - 10
        
        Severity Rating(s): Medium & High
        
        Trend Micro has released a new patch for Trend Micro Mobile Security
        (Enterprise) 9.7. This patch resolves multiple vulnerabilities 
        related to potential unrestricted file uploads, authentication 
        bypass, SQL injections, and proxy command injections.
        
        CVE		ZDI Case(s)
        CVE-2017-14078	ZDI-17-739 -- 810 (excluding 752, 767, 774, 785, 789)
        CVE-2017-14079	ZDI-17-785, 789, 790, 807
        CVE-2017-14080	ZDI-17-767
        CVE-2017-14081	ZDI-17-752, 774
        
        Acknowledgement
        
        Trend Micro would like to thank the following individuals for 
        responsibly disclosing these issues and working with Trend Micro to
        help protect our customers:
        
        Steven Seeley (mr_me) of Offensive Security & Roberto Suggi Liverani
        (@malerisch) working with Trend Micro's Zero Day Initiative
        
        Steven Seeley (mr_me) of Offensive Security working with Trend 
        Micro's Zero Day Initiative" [1]


MITIGATION

        Trend Micro has provided an update to address these security issues. [1]


REFERENCES

        [1] SECURITY BULLETIN: Trend Micro Mobile Security (Enterprise)
            Multiple Vulnerabilities
            https://success.trendmicro.com/solution/1118224

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWb9R3Yx+lLeg9Ub1AQiSJw//VWCurdPd9q2EXZEavhrwF8gA9uFJW3ZQ
5H5VDBa3R6dzZ/vTA6dRP+yhL5ioDFlEOaZl/X8yFgzm0L4saJClqXgRnf2yo+HE
Q24iuCfd5ZeLWg7M+W+9GF6rS9hGinVgvJVudEy1XRBRoz+DuF+De9n3ei8V4IC+
qYLYd0lnvjht2gAa7Oriw7bYb2nW2F6KH8hEDNevCH5M48T2PnPMc+5sE3KSj6Z2
qVEKToYIYzelRo3ZG1x5v3tDzcFEY6NCzz2G6QOetKm3HB/WDS2Quz9wgEt++g7I
VhJBVOjevwFphchroNJyOREv9HDSoajUUlG+VBM99tjCW5/UCN5cN77HJdHW/hRx
Os6vneDqKsANWxMu03ShJwyRaIaMDOLdPSIFO8jXn2cYy+ZedovCykOdEXs2xd9H
m7DtMtN5UpwlPIhlfqFzD2ZmdxrqVuFLBtWKZxyqe2RrlOe2u8jYVpTnxq5Bxm9K
xhW4f2YSB/hEm1g4s76NvHzB8YZE3CbO8wBtprUk94axwnSzsP0fBLmYKw6L0t1B
UcfYOXhUgJ+acmZQdkUM/K8v3PmK9hoibJPLQsOH9BE1d7xmPrpj4QI5v2+CBe5D
5ZFQBRGIAPyDZ40cn2Izfq8S2Lc1m+8k83AMMgXisCugMaHeKA8ZU6OtzHQ5Xvi9
dgY98GS4d/Y=
=Og3V
-----END PGP SIGNATURE-----