TrendMicro Mobile Security
By the Year
In 2024 there have been 3 vulnerabilities in TrendMicro Mobile Security with an average score of 6.1 out of ten. Last year Mobile Security had 9 security vulnerabilities published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. Last year, the average CVE base score was greater by 2.00
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 3 | 6.10 |
| 2023 | 9 | 8.10 |
| 2022 | 1 | 9.10 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Mobile Security vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent TrendMicro Mobile Security Security Vulnerabilities
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim
CVE-2023-41178
6.1 - Medium
- January 23, 2024
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41176.
XSS
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim
CVE-2023-41177
6.1 - Medium
- January 23, 2024
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41178.
XSS
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim
CVE-2023-41176
6.1 - Medium
- January 23, 2024
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41177.
XSS
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files
CVE-2023-32528
8.8 - High
- June 26, 2023
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32527.
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files
CVE-2023-32527
8.8 - High
- June 26, 2023
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32528.
A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file
CVE-2023-35695
7.5 - High
- June 26, 2023
A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file which may contain sensitive information regarding the product.
Insertion of Sensitive Information into Log File
A path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could
CVE-2023-32522
8.1 - High
- June 26, 2023
A path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Directory traversal
A path traversal exists in a specific service dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could
CVE-2023-32521
9.1 - Critical
- June 26, 2023
A path traversal exists in a specific service dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an unauthenticated remote attacker to delete arbitrary files.
Directory traversal
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities
CVE-2023-32526
6.5 - Medium
- June 26, 2023
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32525.
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities
CVE-2023-32525
6.5 - Medium
- June 26, 2023
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32526.
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets
CVE-2023-32524
8.8 - High
- June 26, 2023
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32523.
authentification
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets
CVE-2023-32523
8.8 - High
- June 26, 2023
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524.
authentification
A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9.8 SP5 could
CVE-2022-40980
9.1 - Critical
- September 19, 2022
A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9.8 SP5 could allow an attacker with access to the Management Server to delete files. This issue was resolved in 9.8 SP5 Critical Patch 2.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for TrendMicro Mobile Security or by TrendMicro? Click the Watch button to subscribe.
