Trend Micro fixes a critical flaw in ServerProtec Solution, patch it now!

September 28, 2021  By Pierluigi Paganini


Trend Micro has addressed a critical authentication bypass vulnerability, tracked as CVE-2021-36745, affecting the ServerProtect solution.

Trend Micro has released security patches to address a critical authentication bypass vulnerability, tracked as CVE-2021-36745, that affects the Trend Micro ServerProtect product.

Trend Micro Server Protect offers comprehensive real-time protection for enterprise infrastructure, preventing them from being targeted by viruses, spyware, and other Web threats. 

A remote attacker can exploit the vulnerability to bypass authentication on vulnerable installs, the issue received a CVSS score of 9.8.

“A critical vulnerability in Trend Micro ServerProtect could allow a remote attacker to bypass authentication on affected installations.” reads the advisory published by the security firm. “Exploiting these type of vulnerabilities generally require that an attacker has access (physical or remote) to a vulnerable machine. In addition to timely application of patches and updated solutions, customers are also advised to review remote access to critical systems and ensure policies and perimeter security is up-to-date.”

The vulnerability was reported by Yuto Maeda from Cyber Defense Institute through Trend Micro’s Zero Day Initiative, it is due to the lack of proper validation prior to authentication.

“This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro ServerProtect. Authentication is not required to exploit this vulnerability.” reads the advisory published by ZDI. “The specific flaw exists within the ServerProtect console. The issue results from the lack of proper validation prior to authentication. An attacker can leverage this vulnerability to bypass authentication on the system.”

The vulnerability affects ServerProtect for Storage (SPFS) 6.0 for Windows, ServerProtect for EMC Celerra (SPEMC) 5.8, ServerProtect for Network Appliance Filers (SPNAF) 5.8, and Server Protect for Microsoft Windows / Novell Netware (SPNT) 5.8.

Trend Micro urges customers to update to the latest builds as soon as possible.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Trend Micro)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

A complete PoC exploit for CVE-2021-22005 in VMware vCenter is available online

 An exploit for the recently disclosed CVE-2021-22005 vulnerability in VMware vCenter was publicly released, threat actors...