Cyber Security Application Security Trend Micro Vulnerabilities in IWSVA Web Gateway has been...

Trend Micro Vulnerabilities in IWSVA Web Gateway has been Fixed!

-

The company Trend Micro this week sent out to customers update InterScan Web Security Virtual Appliance (IWSVA) , which patches several serious vulnerabilities. A potential attacker can use some of these vulnerabilities to remotely take control of the attacked device.

The security concerns were identified by Wolfgang Ettlinger, an Austrian cybersecurity expert from SEC Consult. It is noteworthy that Ettlinger reported vulnerabilities to Trend Micro back in the summer of 2019.

Only at the end of November 2020, the developers were able to eliminate the gaps described by the researcher – with the release of the IWSVA 6.5 SP2 CP b1919 version. Despite the lengthy patching process, Ettlinger noted that Trend Micro approached the problem quite professionally.

As a reminder, Trend Micro IWSVA is a web-based gateway that helps organizations protect systems from today’s cyberthreats. At the same time, IWSVA can monitor employee Internet usage in real time.

In total, Ettlinger discovered six IWSVA vulnerabilities, including the ability to bypass protection against CSRF, XSS, bypass authentication and authorization, and the ability to inject and execute commands. Most of the flaws have received a high severity rating.

The researcher also identified three attack scenarios that exploit these holes. In one of these scenarios, the attacker will be able to remotely gain root access to the attacked device.

SEC Consult has dedicated a separate post to these security issues , where you can also find technical details of the identified vulnerabilities. SEC Consult refused to publish the exploit code.

Nevertheless, we can watch a video that demonstrates the exploitation of vulnerabilities and the corresponding attack:

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you