Attacker Value
Low
(1 user assessed)
Exploitability
Moderate
(1 user assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
1

CVE-2020-25779

Disclosure Date: October 13, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Exfiltration
Techniques
Validation
Validated

Description

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the web threat protection feature.

Add Assessment

2
Ratings
  • Attacker Value
    Low
  • Exploitability
    Medium
Technical Analysis

I’ll add the proof of concept under References!

General Information

Vendors

  • Trend Micro

Products

  • Trend Micro Antivirus for Mac (Consumer)

Additional Info

Technical Analysis