CVE-2023-52330

Trend Micro Apex Central Cross-Site Scripting Privilege Escalation Vulnerability

Severity Score

6.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to execute arbitrary code on affected installations of Trend Micro Apex Central.

Please note: user interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Una vulnerabilidad de cross-site scripting en Trend Micro Apex Central podría permitir que un atacante remoto ejecute código arbitrario en las instalaciones afectadas de Trend Micro Apex Central. Tenga en cuenta: se requiere la interacción del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una página maliciosa o abrir un archivo malicioso.

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability.
The specific flaw exists within the Policy Management functionality. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user.

*Credits: Elias Martinez (filenotfound - https://www.linkedin.com/in/eli-martinez07/)

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-01-11 CVE Reserved
2024-01-11 CVE Published
2024-05-01 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (2)

URL	Tag	Source
https://www.zerodayinitiative.com/advisories/ZDI-24-051	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US	2024-01-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Trendmicro Search vendor "Trendmicro"		Apex One Search vendor "Trendmicro" for product "Apex One"				< 14.0.12849 Search vendor "Trendmicro" for product "Apex One" and version " < 14.0.12849"		saas		Affected
Trendmicro Search vendor "Trendmicro"		Apex One Search vendor "Trendmicro" for product "Apex One"				2019 Search vendor "Trendmicro" for product "Apex One" and version "2019"		-		Affected