CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36304 – Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-36304
06 Jun 2024 — A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de tiempo de verificación de tiempo de uso en Trend Micro Apex One y Apex One como agente de servicio podría permitir a un atacante local escalar privilegios en las ... • https://success.trendmicro.com/dcx/s/solution/000298063 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36305 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-36305
06 Jun 2024 — A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Un enlace de agente de seguridad tras una vulnerabilidad en Trend Micro Apex One podría permitir a un atacante local escalar privilegios en las instalaciones afectadas. Tenga en cuenta: un atacante primero debe obten... • https://success.trendmicro.com/dcx/s/solution/000298063 •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36306 – Trend Micro Apex One Damage Cleanup Engine Link Following Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-36306
06 Jun 2024 — A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Un enlace que sigue a una vulnerabilidad en Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine podría permitir a un atacante local crear una con... • https://success.trendmicro.com/dcx/s/solution/000298063 •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36307 – Trend Micro Apex One Security Agent Link Following Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-36307
06 Jun 2024 — A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Un enlace de agente de seguridad tras una vulnerabilidad en Trend Micro Apex One y Apex One as a Service podría permitir a un atacante local revelar información co... • https://success.trendmicro.com/dcx/s/solution/000298063 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-37289 – Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-37289
06 Jun 2024 — An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de control de acceso inadecuado en Trend Micro Apex One podría permitir que un atacante local escale privilegios en las instalaciones afectadas. Tenga en cuenta: un atacante primero debe obtener la capa... • https://success.trendmicro.com/dcx/s/solution/000298063 • CWE-284: Improper Access Control •