CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47199 – Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-47199
14 Nov 2023 — An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47193. Una vulnerabilidad de validación de origen en el agente de seguridad Trend Micro Apex One podría permitir a un atacante local escalar pr... • https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US • CWE-346: Origin Validation Error •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47194 – Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-47194
14 Nov 2023 — An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47195. Una vulnerabilidad de validación de origen en el agente de seguridad Trend Micro Apex One podría permitir a un atacante local escalar pr... • https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US • CWE-346: Origin Validation Error •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47197 – Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-47197
14 Nov 2023 — An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47198. Una vulnerabilidad de validación de origen en el agente de seguridad Trend Micro Apex One podría permitir a un atacante local escalar pr... • https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US • CWE-346: Origin Validation Error •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47198 – Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-47198
14 Nov 2023 — An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47199. Una vulnerabilidad de validación de origen en el agente de seguridad Trend Micro Apex One podría permitir a un atacante local escalar pr... • https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US • CWE-346: Origin Validation Error •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47192 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-47192
14 Nov 2023 — An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de enlace de agente en el agente de seguridad Trend Micro Apex One podría permitir que un atacante local escale privilegios en las instalaciones afectadas. Tenga en cuenta: un atacante primero deb... • https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47201 – Trend Micro Apex One CNTAoSMgr Origin Validation Error Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-47201
14 Nov 2023 — A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47200. Una vulnerabilidad de validación del origen del administrador de complementos en el agente de seguridad Trend Micro Apex ... • https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47202 – Trend Micro Apex One Local File Inclusion Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-47202
14 Nov 2023 — A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de inclusión de archivos locales en el servidor de administración Trend Micro Apex One podría permitir a un atacante local escalar privilegios en las instalaciones afectadas. Tenga en ... • https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US •
CVSS: 8.3EPSS: 35%CPEs: 5EXPL: 0CVE-2023-41179 – Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-41179
19 Sep 2023 — A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability. Una vulnerabilidad en el módulo de desinstalación AV de terceros contenido en Trend Micro Ape... • https://jvn.jp/en/vu/JVNVU90967486 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 8%CPEs: 3EXPL: 0CVE-2023-32557
https://notcve.org/view.php?id=CVE-2023-32557
26 Jun 2023 — A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary file to the Management Server which could lead to remote code execution with system privileges. • https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30902
https://notcve.org/view.php?id=CVE-2023-30902
26 Jun 2023 — A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations. • https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US • CWE-276: Incorrect Default Permissions •