A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product’s management console.
Manipulation of data
Trend Micro OfficeScan XG
The vulnerability is reported in versions prior to Server Build 1933 and Agent Build 1812 running on Windows.
Trend Micro OfficeScan 11.0
Vendor has released patch/update for the following vulnerability.