VYPR

Apex One as a Service

by Trend Micro

CVEs (16)

  • CVE-2022-40139KEVSep 19, 2022
    Trend Micro
    Apex One
    risk 0.13cvss epss 0.09

    Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to…

  • CVE-2023-32557Jun 26, 2023
    Trend Micro
    Apex One
    risk 0.01cvss epss 0.06

    A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary file to the Management Server which could lead to remote code execution with system privileges.

  • CVE-2024-36307Jun 10, 2024
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute…

  • CVE-2023-34148Jun 26, 2023
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an…

  • CVE-2023-34147Jun 26, 2023
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an…

  • CVE-2023-34146Jun 26, 2023
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an…

  • CVE-2023-34144Jun 26, 2023
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged…

  • CVE-2023-32556Jun 26, 2023
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-32555Jun 26, 2023
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2023-32554Jun 26, 2023
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2023-25143Mar 7, 2023
    Trend Micro
    Apex One as a Service
    risk 0.00cvss epss 0.02

    An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products.

  • CVE-2022-45798Dec 22, 2022
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an…

  • CVE-2022-44653Nov 21, 2022
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    A security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the…

  • CVE-2022-44649Nov 21, 2022
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    An out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. Please note: an attacker must first obtain the ability to…

  • CVE-2022-44648Nov 21, 2022
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2022-44647Nov 21, 2022
    Trend Micro
    Apex One
    risk 0.00cvss epss 0.00

    An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…