// For flags

CVE-2023-41179

Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability

Severity Score

7.2
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

Yes
*KEV

Decision

Act
*SSVC
Descriptions

A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.

Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.

Una vulnerabilidad en el módulo de desinstalación AV de terceros contenido en Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security y Worry-Free Business Security Services podría permitir a un atacante manipular el módulo para ejecutar comandos arbitrarios afectando la instalación. Tenga en cuenta que un atacante primero debe obtener acceso a la consola administrativa en el sistema de destino para poder aprovechar esta vulnerabilidad.

Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Act
Exploitation
Active
Automatable
No
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2023-08-24 CVE Reserved
  • 2023-09-19 CVE Published
  • 2023-09-21 Exploited in Wild
  • 2023-10-12 KEV Due Date
  • 2024-09-25 CVE Updated
  • 2024-09-26 EPSS Updated
  • ---------- First Exploit
CWE
  • CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Trendmicro
Search vendor "Trendmicro"
Apex One
Search vendor "Trendmicro" for product "Apex One"
2019
Search vendor "Trendmicro" for product "Apex One" and version "2019"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
Trendmicro
Search vendor "Trendmicro"
Apex One
Search vendor "Trendmicro" for product "Apex One"
2019
Search vendor "Trendmicro" for product "Apex One" and version "2019"
saas
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
Trendmicro
Search vendor "Trendmicro"
Worry-free Business Security
Search vendor "Trendmicro" for product "Worry-free Business Security"
10.0
Search vendor "Trendmicro" for product "Worry-free Business Security" and version "10.0"
sp1
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
Trendmicro
Search vendor "Trendmicro"
Worry-free Business Security Services
Search vendor "Trendmicro" for product "Worry-free Business Security Services"
-saas
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe