Back to search
CVE-2020-24562
Published: Sep 28, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This CVE is similar, but not identical to CVE-2020-24556.
| Vendor | Product | Versions |
|---|---|---|
Trend Micro | Trend Micro OfficeScan | affected XG SP1 |
References
https://success.trendmicro.com/solution/000263633
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-20-1226/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now