Rewterz Threat Advisory – ICS: Multiple Delta Electronics DOPSoft Vulnerabilities
February 2, 2023Rewterz Threat Advisory – CVE-2023-20856 – VMware vRealize Operations (vROps) Vulnerability
February 2, 2023Rewterz Threat Advisory – ICS: Multiple Delta Electronics DOPSoft Vulnerabilities
February 2, 2023Rewterz Threat Advisory – CVE-2023-20856 – VMware vRealize Operations (vROps) Vulnerability
February 2, 2023Severity
High
Analysis Summary
CVE-2023-0587
Trend Micro Apex could allow a remote attacker to upload arbitrary files, caused by improper validation of file extensions by the /officescan/console/html/cgi/fcgiOfcDDA.exe script. An attacker could exploit this vulnerability to upload a malicious file to the SampleSubmission directory, which could allow the attacker to fill up the file system on which the Apex One server is installed.
Impact
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-0587
Affected Vendors
Trend Micro
Affected Products
- Trend Micro Apex One Server build 11110
Remediation
Apply the patch for this vulnerability, available from the Trend Micro Website.