CVE-2022-44649
Description
An out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds write in Trend Micro Apex One's Unauthorized Change Prevention service allows local attackers to escalate privileges to SYSTEM.
Vulnerability
An out-of-bounds write vulnerability exists in the Unauthorized Change Prevention service of Trend Micro Apex One (on-premises) and Apex One as a Service. The flaw occurs when a crafted request triggers a write past the end of an allocated data structure. Affected versions include all releases prior to the security update provided in November 2022 [1].
Exploitation
An attacker must first obtain the ability to execute low-privileged code on the target system. Once that is achieved, the attacker can send a specially crafted request to the Unauthorized Change Prevention service, causing an out-of-bounds write. No additional user interaction is required beyond the initial low-privileged code execution [1].
Impact
Successful exploitation allows the attacker to escalate privileges to SYSTEM, enabling arbitrary code execution with the highest level of system access. This compromises the confidentiality, integrity, and availability of the affected system [1].
Mitigation
Trend Micro has released a security update to address this vulnerability. Users should apply the latest patch via the vendor's update mechanism. Refer to the vendor advisory for specific version details [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Trend Micro, Inc./Trend Micro Apex One, Range: On Premise (14.0)
Patches
No patches discovered yet.
References