News broke yesterday that researchers from Core Security had discovered multiple vulnerabilities in the web-based management console of Trend Micro ServerProtect. Vulnerabilities were found in the ServerProtect for Linux update mechanism, allowing remote code execution as root. Andrew Clarke, EMEA Director at One Identity commented below.
Andrew Clarke, EMEA Director at One Identity:
However businesses can proactively defend against these potential exploits since an attacker does require access to the vulnerable system. A strong access policy alongside suitable perimeter defences which considers remote access to critical systems should be regularly reviewed. Control of administrative passwords which can unlock access to such systems should also be placed under a robust privileged account management environment.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.