Trend Micro has released patches for a critical authentication bypass vulnerability in Trend Micro ServerProtect.

Tracked as CVE-2021-36745 and featuring a CVSS score of 9.8, the security hole could be exploited by remote attackers to completely bypass authentication on a vulnerable system.

Trend Micro says the vulnerability affects ServerProtect for Storage (SPFS) 6.0 for Windows, ServerProtect for EMC Celerra (SPEMC) 5.8, ServerProtect for Network Appliance Filers (SPNAF) 5.8, and ServerProtect for Microsoft Windows / Novell Netware (SPNT) 5.8.

Fixes are now available for all affected versions and users are advised to update their installations as soon as possible – trendmicro.com.

Source: securityweek.com