CVE-2022-30687 – Trend Micro Maximum Security Link Following Arbitrary File Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2022-30687
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary files. Trend Micro Maximum Security 2022 es vulnerable a la siguiente vulnerabilidad que podría permitir a un usuario local con pocos privilegios manipular la función de borrado seguro del producto para eliminar archivos arbitrarios This vulnerability allows local attackers to delete arbitrary files on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of the Secure Erase feature. The issue results from the lack of proper validation of a user-supplied link prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. • https://helpcenter.trendmicro.com/en-us/article/tmka-11017 https://www.zerodayinitiative.com/advisories/ZDI-22-789 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2022-26319
https://notcve.org/view.php?id=CVE-2022-26319
An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad del elemento de parche de búsqueda del instalador en Trend Micro Portable Security versiones 3.0 Pro, 3.0 y 2.0 podría permitir a un atacante local colocar un archivo DLL generado arbitrariamente en una carpeta del instalador para elevar los privilegios locales. Nota: un atacante debe obtener primero la capacidad de ejecutar código con privilegios elevados en el sistema de destino para poder explotar esta vulnerabilidad • https://success.trendmicro.com/solution/000290531 • CWE-427: Uncontrolled Search Path Element •
CVE-2022-24679 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24679
A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder in an arbitrary location and escalate privileges affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de escalada de privilegios local en los agentes Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security versión 10.0 SP1 y Trend Micro Worry-Free Business Security Services podría permitir a un atacante local crear una carpeta con capacidad de escritura en una ubicación arbitraria y escalar los privilegios en las instalaciones afectadas. Nota: un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the NT Apex One RealTime Scan Service. • https://success.trendmicro.com/solution/000290464 https://success.trendmicro.com/solution/000290486 https://www.zerodayinitiative.com/advisories/ZDI-22-370 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2022-24680 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24680
A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create a mount point and leverage this for arbitrary folder deletion, leading to escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de escalada de privilegios local en los agentes Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security versión 10.0 SP1 y Trend Micro Worry-Free Business Security Services podría permitir a un atacante local crear un punto de montaje y aprovecharlo para la eliminación arbitraria de carpetas, conllevando a una escalada de privilegios en las instalaciones afectadas. Nota: un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the NT Apex One RealTime Scan Service. • https://success.trendmicro.com/solution/000290464 https://success.trendmicro.com/solution/000290486 https://www.zerodayinitiative.com/advisories/ZDI-22-369 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2022-24678 – Trend Micro Apex One Security Agent Resource Exhaustion Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-24678
An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow an attacker to flood a temporary log location and consume all disk space on affected installations. Una vulnerabilidad de denegación de servicio por agotamiento de recursos del agente de seguridad en los agentes Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security versión 10.0 SP1 y Trend Micro Worry-Free Business Security Services podría permitir a un atacante inundar una ubicación de registro temporal y consumir todo el espacio de disco en las instalaciones afectadas This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Trend Micro Apex One Security Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the logging of requests received on the management port. By sending a large number of requests, an attacker can cause log files to grow without limit. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://success.trendmicro.com/solution/000290464 https://success.trendmicro.com/solution/000290486 https://www.zerodayinitiative.com/advisories/ZDI-22-372 • CWE-400: Uncontrolled Resource Consumption •