CVE-2023-32529 – Trend Micro Apex Central modTMMS SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32529
Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution. Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32530. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of delete_cert_vec requests to the modTMMS endpoint. When parsing the id parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the IUSR user. • https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-652 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-32530 – Trend Micro Apex Central modTMMS SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32530
Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution. Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32529. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of set_certificates_config requests to the modTMMS endpoint. When parsing the dbCert parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the IUSR user. • https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-654 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-32523 – Trend Micro Mobile Security for Enterprises widget WFUser Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-32523
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524. This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Mobile Security for Enterprises. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WFUser class defined within the web/widget path. The issue results from improper implementation of the authentication mechanism. An attacker can leverage this vulnerability to bypass authentication on the system. • https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-587 • CWE-287: Improper Authentication •
CVE-2023-32527 – Trend Micro Mobile Security for Enterprises widget getWidgetPoolManager Local File Inclusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32527
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32528. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Mobile Security for Enterprises. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the getWidgetPoolManager function defined within the web/widget path. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of IUSR. • https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-590 •
CVE-2023-32528 – Trend Micro Mobile Security for Enterprises widgetforsecurity getWidgetPoolManager Local File Inclusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32528
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32527. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Mobile Security for Enterprises. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the getWidgetPoolManager function defined within the web/widgetforsecurity path. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of IUSR. • https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-591 •