An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle attacker to tamper with an update file and inject their own.
The product does not validate, or incorrectly validates, a certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Email_encryption_gateway | Trendmicro | 5.5 (including) | 5.5 (including) |