CVE-2023-32556
- EPSS 0.29%
- Veröffentlicht 26.06.2023 22:15:10
- Zuletzt bearbeitet 21.11.2024 08:03:35
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. Please note: an attacker must first obtain the ability to execute low-privileged code on the...
CVE-2023-32557
- EPSS 1.22%
- Veröffentlicht 26.06.2023 22:15:10
- Zuletzt bearbeitet 21.11.2024 08:03:35
A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary file to the Management Server which could lead to remote code execution with system privileges.
CVE-2023-30902
- EPSS 0.13%
- Veröffentlicht 26.06.2023 22:15:09
- Zuletzt bearbeitet 05.12.2024 15:15:06
A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected install...
CVE-2023-25145
- EPSS 0.39%
- Veröffentlicht 10.03.2023 21:15:15
- Zuletzt bearbeitet 05.03.2025 21:15:16
A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged c...
CVE-2023-25146
- EPSS 0.39%
- Veröffentlicht 10.03.2023 21:15:15
- Zuletzt bearbeitet 05.03.2025 21:15:17
A security agent link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to quarantine a file, delete the original folder and replace with a junction to an arbitrary location, ultimately leading to an arbitrary fil...
CVE-2023-25147
- EPSS 0.23%
- Veröffentlicht 10.03.2023 21:15:15
- Zuletzt bearbeitet 05.03.2025 21:15:17
An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process. Please note: an att...
CVE-2023-25148
- EPSS 0.39%
- Veröffentlicht 10.03.2023 21:15:15
- Zuletzt bearbeitet 05.03.2025 21:15:17
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to exploit the vulnerability by changing a specific file into a pseudo-symlink, allowing privilege escalation on affected installations. Please note...
CVE-2023-25143
- EPSS 1.74%
- Veröffentlicht 10.03.2023 21:15:14
- Zuletzt bearbeitet 05.03.2025 15:15:12
An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products.
CVE-2023-25144
- EPSS 0.3%
- Veröffentlicht 10.03.2023 21:15:14
- Zuletzt bearbeitet 06.03.2025 16:15:40
An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and create arbitrary directories with arbitrary ownership.
CVE-2023-0587
- EPSS 59.59%
- Veröffentlicht 01.02.2023 03:15:08
- Zuletzt bearbeitet 27.03.2025 15:15:42
A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload ar...