Описание
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:trend_micro:serverprotect:5.58_security_patch_3:*:windows:*:*:*:*:*
EPSS
Процентиль: 99%
0.7136
Высокий
10 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code.
EPSS
Процентиль: 99%
0.7136
Высокий
10 Critical
CVSS2
Дефекты
CWE-264