{"cve":{"cve_id":"CVE-2020-28576","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.03206,"epss_percentile":0.86496,"epss_as_of":"2026-06-23","description":"An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.","published_at":"2020-12-01T18:40:38Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://success.trendmicro.com/solution/000281949","https://success.trendmicro.com/solution/000281947","https://www.zerodayinitiative.com/advisories/ZDI-20-1375/"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:14:06.278928Z"},"effective_severity":null,"badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"trend-micro","vendor_name":"Trend Micro","product_slug":"trend-micro-apex-one","product_name":"Trend Micro Apex One","version_start":"2019","version_start_inclusive":true,"version_end":"2019","version_end_inclusive":true,"cpe23_uri":"cve5:trend-micro:trend-micro-apex-one:2019:2019"},{"vendor_slug":"trend-micro","vendor_name":"Trend Micro","product_slug":"trend-micro-officescan","product_name":"Trend Micro OfficeScan","version_start":"XG SP1","version_start_inclusive":true,"version_end":"XG SP1","version_end_inclusive":true,"cpe23_uri":"cve5:trend-micro:trend-micro-officescan:XG SP1:XG SP1"}],"exploit_refs":[],"news":[],"references":[{"url":"https://success.trendmicro.com/solution/000281949","source_type":"MISC","tags":[]},{"url":"https://success.trendmicro.com/solution/000281947","source_type":"MISC","tags":[]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-1375/","source_type":"VENDOR_ADVISORY","tags":["advisory"]}],"timeline":[{"type":"published","at":"2020-12-01T18:40:38Z","label":"CVE published","source":null}]}