Multiple vulnerabilities in Trend Micro ServerProtect


Trend Micro Incorporated has released security updates for ServerProtect.

Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
CVSS Severity (What is CVSS?)

Affected Products

Trend Micro, Inc.
  • Trend Micro ServerProtect for Storage (SPFS) 6.0
  • Trend Micro ServerProtect for Microsoft Windows / Novell NetWare (SPNT) 5.8
  • Trend Micro ServerProtect for EMC Celerra (SPEMC) 5.8
  • Trend Micro ServerProtect ServerProtect for Network Appliance Filers (SPNAF) 5.8


* Remote control execution due to insufficiently protected static credentials
* Denial-of-service (DoS) and/or remote code execution due to integer overflow
* Denial-of-service (DoS) due to improper exception handling

For more information, refer to the information provided by the developer.

[Apply the patch]
Apply the appropriate patch according to the information provided by the developer.

Vendor Information

Trend Micro, Inc.
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2022-25329
  2. CVE-2022-25330
  3. CVE-2022-25331

  1. JVN : JVNVU#92972528
Revision History

  • [2022/03/03]
      Web page was published