CVE-2024-36306

Trend Micro Apex One Damage Cleanup Engine Link Following Denial-of-Service Vulnerability

Severity Score

6.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Un enlace que sigue a una vulnerabilidad en Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine podría permitir a un atacante local crear una condición de denegación de servicio en las instalaciones afectadas. Tenga en cuenta: un atacante primero debe obtener la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad.

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the Damage Cleanup Engine, which runs within the Trend Micro Common Client Real-time Scan Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

*Credits: NT AUTHORITY\ANONYMOUS LOGON

CVSS Scores

Trend Micro, Inc.v3.1 6.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-23 CVE Reserved
2024-06-06 CVE Published
2024-06-11 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (2)

URL	Tag	Source
https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-568

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Trend Micro, Inc. Search vendor "Trend Micro, Inc."		Trend Micro Apex One Search vendor "Trend Micro, Inc." for product "Trend Micro Apex One"				< 14.0.0.12980 Search vendor "Trend Micro, Inc." for product "Trend Micro Apex One" and version " < 14.0.0.12980"		en		Affected
Trend Micro, Inc. Search vendor "Trend Micro, Inc."		Trend Micro Apex One As A Service Search vendor "Trend Micro, Inc." for product "Trend Micro Apex One As A Service"				>= SaaS < 14.0.13139 Search vendor "Trend Micro, Inc." for product "Trend Micro Apex One As A Service" and version " >= SaaS < 14.0.13139"		en		Affected