CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32526 – Trend Micro Mobile Security for Enterprises widgetforsecurity set_certificates_config Unrestricted File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2023-32526
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32525. This vulnerability allows remote attackers to create arbitrary files on affected installations of Trend Micro Mobile Security for Enterprises. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the set_certificates_config action defined within the web/widgetforsecurity path. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. • https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-586 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32523 – Trend Micro Mobile Security for Enterprises widget WFUser Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-32523
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524. This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Mobile Security for Enterprises. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WFUser class defined within the web/widget path. The issue results from improper implementation of the authentication mechanism. An attacker can leverage this vulnerability to bypass authentication on the system. • https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-587 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48191 – Trend Micro Maximum Security Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-48191
A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing a escalation of privileges on an affected system. Existe una vulnerabilidad en Trend Micro Maximum Security 2022 (17.7) en la que un usuario con pocos privilegios puede escribir un ejecutable malicioso conocido en una ubicación específica y, en el proceso de eliminación y restauración, un atacante podría reemplazar una carpeta original con un punto de montaje arbitrario. ubicación, lo que permite una escalada de privilegios en un sistema afectado. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Damage Cleanup Engine. The issue results from the lack of proper locking when performing file operations. • https://helpcenter.trendmicro.com/en-us/article/tmka-11252 https://www.zerodayinitiative.com/advisories/ZDI-23-053 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 4.4EPSS: 0%CPEs: 37EXPL: 0CVE-2022-40708 – Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-40708
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707. Una vulnerabilidad de lectura fuera de límites en Trend Micro Deep Security 20 y Cloud One - Workload Security Agent para Windows podría permitir a un atacante local divulgar información confidencial en las instalaciones afectadas. Tenga en cuenta que un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar estas vulnerabilidades. • https://success.trendmicro.com/solution/000291590 https://www.zerodayinitiative.com/advisories/ZDI-22-1298 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 37EXPL: 0CVE-2022-40707 – Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-40707
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708. Una vulnerabilidad de lectura fuera de límites en Trend Micro Deep Security 20 y Cloud One - Workload Security Agent para Windows podría permitir a un atacante local divulgar información confidencial en las instalaciones afectadas. Tenga en cuenta: un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar estas vulnerabilidades. • https://success.trendmicro.com/solution/000291590 https://www.zerodayinitiative.com/advisories/ZDI-22-1297 • CWE-125: Out-of-bounds Read •