CVE-2020-24557

Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation. Vendor/Product: Trend Micro Apex One, OfficeScan, and Worry-Free Business Security. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.