VYPR

Apex One

by Trend Micro

CVEs (171)

  • CVE-2023-34148HigJun 26, 2023
    risk 0.51cvss 7.8epss 0.00

    An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an…

  • CVE-2023-34147HigJun 26, 2023
    risk 0.51cvss 7.8epss 0.00

    An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an…

  • CVE-2023-34146HigJun 26, 2023
    risk 0.51cvss 7.8epss 0.00

    An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an…

  • CVE-2023-34145HigJun 26, 2023
    risk 0.51cvss 7.8epss 0.00

    An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged…

  • CVE-2023-34144HigJun 26, 2023
    risk 0.51cvss 7.8epss 0.00

    An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged…

  • CVE-2023-25148HigMar 10, 2023
    risk 0.51cvss 7.8epss 0.00

    A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to exploit the vulnerability by changing a specific file into a pseudo-symlink, allowing privilege escalation on affected installations. Please note: an attacker must first…

  • CVE-2023-25146HigMar 10, 2023
    risk 0.51cvss 7.8epss 0.00

    A security agent link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to quarantine a file, delete the original folder and replace with a junction to an arbitrary location, ultimately leading to an arbitrary file dropped to an arbitrary…

  • CVE-2023-25145HigMar 10, 2023
    risk 0.51cvss 7.8epss 0.00

    A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in…

  • CVE-2023-25144HigMar 10, 2023
    risk 0.51cvss 7.8epss 0.00

    An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and create arbitrary directories with arbitrary ownership.

  • CVE-2022-45798HigDec 24, 2022
    risk 0.51cvss 7.8epss 0.00

    A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an…

  • CVE-2022-44653HigDec 12, 2022
    risk 0.51cvss 7.8epss 0.01

    A security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the…

  • CVE-2022-44652HigDec 12, 2022
    risk 0.51cvss 7.8epss 0.00

    An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code…

  • CVE-2022-44650HigDec 12, 2022
    risk 0.51cvss 7.8epss 0.00

    A memory corruption vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. Please note: an attacker must first obtain the ability to execute…

  • CVE-2022-44649HigDec 12, 2022
    risk 0.51cvss 7.8epss 0.00

    An out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. Please note: an attacker must first obtain the ability to…

  • CVE-2022-41749HigOct 10, 2022
    risk 0.51cvss 7.8epss 0.00

    An origin validation error vulnerability in Trend Micro Apex One agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit…

  • CVE-2022-41747HigOct 10, 2022
    risk 0.51cvss 7.8epss 0.00

    An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2022-40142HigSep 19, 2022
    risk 0.51cvss 7.8epss 0.00

    A security link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service agents could allow a local attacker to create a writable folder in an arbitrary location and escalate privileges on affected installations. Please…

  • CVE-2022-36336HigJul 30, 2022
    risk 0.51cvss 7.8epss 0.01

    A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate…

  • CVE-2022-30701HigMay 27, 2022
    risk 0.51cvss 7.8epss 0.00

    An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. Please note: an attacker must…

  • CVE-2022-30700HigMay 27, 2022
    risk 0.51cvss 7.8epss 0.00

    An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged…

Page 4 of 9