CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25144 – Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-25144
An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and create arbitrary directories with arbitrary ownership. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Apex One Security Agent. The specific flaw exists within the logic that controls access to the Suspect folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000292209 https://www.zerodayinitiative.com/advisories/ZDI-23-171 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45798 – Trend Micro Apex One Damage Cleanup Engine Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-45798
A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Un vínculo que sigue a una vulnerabilidad en el componente Damage Cleanup Engine de Trend Micro Apex One y Trend Micro Apex One como Servicio podría permitir a un atacante local escalar privilegios creando un vínculo simbólico y abusando del servicio para eliminar un archivo. Tenga en cuenta: un atacante primero debe obtener la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Damage Cleanup Engine, which runs within the Trend Micro Common Client Real-time Scan Service. • https://success.trendmicro.com/solution/000291830 https://www.zerodayinitiative.com/advisories/ZDI-22-1665 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45797
https://notcve.org/view.php?id=CVE-2022-45797
An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de eliminación arbitraria de archivos en el componente Damage Cleanup Engine de Trend Micro Apex One y Trend Micro Apex One as a Service podría permitir a un atacante local escalar privilegios y eliminar archivos en las instalaciones afectadas. Tenga en cuenta: un atacante primero debe obtener la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad. • https://success.trendmicro.com/solution/000291830 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-44654
https://notcve.org/view.php?id=CVE-2022-44654
Affected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component that is complied without the /SAFESEH memory protection mechanism which helps to monitor for malicious payloads. The affected component's memory protection mechanism has been updated to enhance product security. Las compilaciones afectadas de Trend Micro Apex One y Apex One as a Service contienen un componente de motor de monitorización que se cumple sin el mecanismo de protección de memoria /SAFESEH que ayuda a monitorizar payloads maliciosos. El mecanismo de protección de la memoria del componente afectado se ha actualizado para mejorar la seguridad del producto. • https://success.trendmicro.com/solution/000291770 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-44652 – Trend Micro Apex One Improper Handling of Exceptional Conditions Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-44652
An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Un manejo inadecuado de la vulnerabilidad de condiciones excepcionales en Trend Micro Apex One y Apex One as a Service podría permitir a un atacante local escalar privilegios en las instalaciones afectadas. Tenga en cuenta: un atacante primero debe obtener la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the installer. • https://success.trendmicro.com/solution/000291770 https://www.zerodayinitiative.com/advisories/ZDI-22-1621 • CWE-755: Improper Handling of Exceptional Conditions •