VYPR

Apex One

by Trend Micro

CVEs (171)

  • CVE-2022-44651HigDec 12, 2022
    risk 0.46cvss 7.0epss 0.00

    A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the…

  • CVE-2022-45797HigDec 12, 2022
    risk 0.46cvss 7.1epss 0.01

    An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first…

  • CVE-2022-41745HigOct 10, 2022
    risk 0.46cvss 7.0epss 0.01

    An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an…

  • CVE-2022-41744HigOct 10, 2022
    risk 0.46cvss 7.0epss 0.00

    A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection integrated component could allow a local attacker to escalate privileges and turn a specific working directory into a mount point on affected installations. Please note: an attacker…

  • CVE-2021-44024HigJan 10, 2022
    risk 0.46cvss 7.1epss 0.00

    A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must…

  • CVE-2020-24558HigSep 1, 2020
    risk 0.46cvss 7.1epss 0.01

    A vulnerability in an Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services dll may allow an attacker to manipulate it to cause an out-of-bounds read that crashes multiple processes in the product. An attacker must first obtain the…

  • CVE-2025-49158MedJun 17, 2025
    risk 0.44cvss 6.7epss 0.00

    An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in…

  • CVE-2023-25147MedMar 10, 2023
    risk 0.44cvss 6.7epss 0.00

    An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process. Please note: an attacker must first obtain…

  • CVE-2021-25246MedFeb 4, 2021
    risk 0.42cvss 6.5epss 0.02

    An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make…

  • CVE-2024-36306MedJun 10, 2024
    risk 0.40cvss 6.1epss 0.01

    A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute…

  • CVE-2019-19692MedDec 20, 2019
    risk 0.40cvss 6.1epss 0.01

    Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT affected.

  • CVE-2023-32556MedJun 26, 2023
    risk 0.36cvss 5.5epss 0.00

    A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-30902MedJun 26, 2023
    risk 0.36cvss 5.5epss 0.00

    A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations.

  • CVE-2022-44648MedDec 12, 2022
    risk 0.36cvss 5.5epss 0.01

    An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2022-44647MedDec 12, 2022
    risk 0.36cvss 5.5epss 0.01

    An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2022-40140MedSep 19, 2022
    risk 0.36cvss 5.5epss 0.00

    An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to cause a denial-of-service on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2021-44022MedDec 3, 2021
    risk 0.36cvss 5.5epss 0.00

    A reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the program on affected installations, leading to a denial-of-service (DoS). Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in…

  • CVE-2021-3848MedOct 6, 2021
    risk 0.36cvss 5.5epss 0.00

    An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attacker to create an arbitrary file with higher privileges that…

  • CVE-2021-28646MedApr 13, 2021
    risk 0.36cvss 5.5epss 0.00

    An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations.

  • CVE-2021-25248MedFeb 4, 2021
    risk 0.36cvss 5.5epss 0.01

    An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an attacker to disclose sensitive information about a named pipe. Please note: an…

Page 7 of 9