Cyber Resilience

CVE-2020-8468

HighCISA KEVActive ExploitationEUVD Exploited

Published: 18 March 2020

Published
18 March 2020
Modified
31 October 2025
KEV Added
03 November 2021
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.1908 95.5th percentile
Risk Priority 49 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2020-8468 is a high-severity Injection (CWE-74) vulnerability in Trendmicro Worry-Free Business Security. Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 4.5% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-7 (Software, Firmware, and Information Integrity).

Deeper analysis

Trend Micro Apex One (2019), OfficeScan XG, and Worry-Free Business Security agents (versions 9.0, 9.5, and 10.0) contain a content validation escape vulnerability tracked as CVE-2020-8468. The flaw, assigned CWE-74, resides in agent client components and permits manipulation of validated content when an authenticated user interacts with the affected software.

An attacker with valid user credentials can exploit the issue over the network with low complexity to alter agent behavior. Successful exploitation yields high impact on confidentiality, integrity, and availability of the targeted endpoint, as reflected in the CVSS 3.1 score of 8.8.

Trend Micro has published multiple solution articles detailing patches and configuration guidance for the affected products at the referenced URLs, including https://success.trendmicro.com/solution/000245571 and https://success.trendmicro.com/solution/000245572.

EU & UK References

Vulnerability details

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.

CWE(s)
KEV Date Added
03 November 2021

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

trendmicro
apex one
2019
trendmicro
officescan
xg
trendmicro
worry-free business security
10.0, 9.0, 9.5

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces validation of all input content to block the content-validation escape that enables manipulation of agent components.

preventdetect

Requires integrity checks on software and information to detect or block unauthorized manipulation of validated agent client components.

prevent

Enforces access-control decisions on authenticated sessions so that only explicitly permitted actions can reach the vulnerable validation logic.

References