VYPR
Published May 28, 2026 · 4 sources

TrendAI Vision One Security Agent Origin Validation Flaw Allows Local Privilege Escalation to SYSTEM

A high-severity origin validation vulnerability in TrendAI Vision One Security Agent lets local attackers with low privileges escalate to SYSTEM rights on affected systems.

A local privilege escalation vulnerability has been disclosed in TrendAI Vision One Security Agent, tracked as CVE-2026-45206 with a CVSS score of 7.8. The flaw, reported by researcher Lays (@_L4ys) of TRAPA Security through the Zero Day Initiative, resides in the Apex One NT Listener service and stems from insufficient validation of the origin of commands. An attacker who first gains the ability to execute low-privileged code on the target system can exploit this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

The specific issue is an origin validation error within the Apex One NT Listener service. According to the advisory published by ZDI on May 28, 2026, the service fails to properly verify the source of incoming commands, allowing a local attacker to send crafted requests that are treated as trusted. This enables the attacker to bypass security checks and perform operations with elevated privileges, ultimately achieving full SYSTEM-level access.

TrendAI Vision One Security Agent is deployed across enterprise environments to provide endpoint detection and response (EDR), antivirus, and threat monitoring capabilities. The agent runs at high integrity to perform its security functions, which makes any privilege escalation vulnerability in it particularly dangerous. An attacker who compromises a low-privileged user account or gains an initial foothold through malware can leverage this flaw to take complete control of the endpoint, potentially disabling security controls, exfiltrating sensitive data, or moving laterally within the network.

TrendAI has been notified of the vulnerability and has issued an update to correct the issue. The vendor's advisory is available at TrendAI's security bulletin. The disclosure timeline shows the vulnerability was reported to TrendAI on October 29, 2025, with coordinated public release on May 28, 2026. Organizations using TrendAI Vision One Security Agent should apply the patch as soon as possible to mitigate the risk of local privilege escalation attacks.

This vulnerability highlights the ongoing challenge of securing endpoint security software itself. As security agents run with elevated privileges to monitor and protect systems, any flaw in their command validation or input handling can become a vector for attackers to gain higher access. The origin validation error in this case is a classic example of a trust boundary violation, where the service implicitly trusts commands that should have been authenticated or validated.
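The trust boundary problem described above, reduced to its essentials, as an added illustration that is not code from the page, from TrendAI, or from ZDI and does not describe how the Apex One NT Listener service actually works: a privileged local service accepts commands over an IPC channel, and the question is whether "origin" is something the client asserts in the message (which any low-privileged local process can forge) or something the operating system vouches for. The command names, the `origin` field, the trusted-uid policy, and the use of a Unix-domain socket with `SO_PEERCRED` (a Linux mechanism, used here only as a stand-in for OS-provided caller identity) are all constructed assumptions for the example.

```python
import json
import socket
import struct

# Constructed example: operations a privileged local service might expose.
PRIVILEGED = {"update_policy", "stop_protection"}
# Constructed policy: only the OS-reported identity uid 0 may issue privileged ops.
TRUSTED_UIDS = {0}


def parse_command(raw: bytes) -> dict:
    """Decode one JSON command; reject anything that is not an object with an 'op'."""
    msg = json.loads(raw.decode("utf-8"))
    if not isinstance(msg, dict) or "op" not in msg:
        raise ValueError("malformed command")
    return msg


def dispatch_vulnerable(raw: bytes) -> str:
    """Origin validation error: the service trusts an 'origin' field the client wrote.

    Any local process that can reach the channel can set origin to the trusted
    value, so the check adds no security and privileged ops run for everyone.
    """
    msg = parse_command(raw)
    if msg["op"] in PRIVILEGED and msg.get("origin") != "management-console":
        return "denied"
    return f"executed:{msg['op']}"


def dispatch_hardened(raw: bytes, peer_uid: int) -> str:
    """Origin is the kernel-reported identity of the peer, never message content."""
    msg = parse_command(raw)
    if msg["op"] in PRIVILEGED and peer_uid not in TRUSTED_UIDS:
        return "denied"
    return f"executed:{msg['op']}"


def peer_uid_of(sock: socket.socket) -> int:
    """Linux: SO_PEERCRED yields (pid, uid, gid) of the peer on a Unix-domain socket."""
    creds = sock.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    _pid, uid, _gid = struct.unpack("3i", creds)
    return uid


def demo_local_channel() -> tuple:
    """Run the hardened path over a real socketpair; the peer is this process.

    Returns (peer_uid, result). If SO_PEERCRED is unavailable on this platform,
    returns (-1, "unavailable") rather than guessing an identity.
    """
    if not hasattr(socket, "SO_PEERCRED"):
        return (-1, "unavailable")
    server, client = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        # The client claims a trusted origin; the server ignores that claim.
        client.sendall(json.dumps({"op": "stop_protection", "origin": "management-console"}).encode())
        uid = peer_uid_of(server)
        return (uid, dispatch_hardened(server.recv(4096), uid))
    finally:
        server.close()
        client.close()


if __name__ == "__main__":
    forged = b'{"op": "stop_protection", "origin": "management-console"}'
    print("vulnerable:", dispatch_vulnerable(forged))
    print("hardened as uid 1000:", dispatch_hardened(forged, 1000))
    print("hardened over socket:", demo_local_channel())
```

The defender's takeaway is in `dispatch_hardened`: the decision input comes from the kernel (peer credentials on Unix sockets; on Windows the analogous step is impersonating or querying the named-pipe or ALPC client and checking its token), and a self-reported field in the command is treated as data, not as identity. A detection angle follows from the same structure: if a service's command channel is reachable by unprivileged users, privileged operations requested from non-administrative callers are worth logging.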

While no active exploitation has been reported at the time of disclosure, the detailed advisory and public CVE assignment increase the likelihood of attackers developing proof-of-concept exploits. Security teams should prioritize patching, especially on systems where users have local access or where the risk of initial compromise is higher. The CVSS score of 7.8 reflects the high impact on confidentiality, integrity, and availability, though the attack requires local access and low privileges, limiting remote exploitation.

This disclosure follows a pattern of privilege escalation vulnerabilities in endpoint security products, including a previous TOCTOU flaw in the same product's TrendAI Apex One NT RealTime Scan service. Organizations should review their endpoint security configurations and ensure that all TrendAI components are updated to the latest versions to defend against these locally exploitable weaknesses.

The advisory, published by Zero Day Initiative as ZDI-26-323, assigns CVE-2026-34930 with a CVSS score of 7.8 and credits researcher Lays (@_L4ys) of TRAPA Security for the discovery. TrendAI has released an update to address the flaw, with more details available in their security bulletin KA-0023430. The vulnerability was reported on October 29, 2025, and publicly disclosed on May 28, 2026.

Zero Day Initiative has published the full technical details of the flaw under advisory ZDI-26-321, identifying the vulnerable component as the Apex One NT Listener service and confirming the issue results from insufficient validation of command origins. The disclosure timeline shows TrendAI was notified on October 29, 2025, and the coordinated public release occurred on May 28, 2026. TrendAI has issued an update at their support portal to address the vulnerability, which was discovered and reported by researcher Lays (@_L4ys) of TRAPA Security.

The Zero Day Initiative has now published a coordinated advisory (ZDI-26-322) for CVE-2026-34929, crediting researcher Lays (@_L4ys) of TRAPA Security for discovering the flaw. The advisory confirms the vulnerability resides in the Apex One NT Listener service and stems from insufficient validation of command origins, allowing an attacker with low-privileged code execution to escalate to SYSTEM. TrendAI has issued a security update via advisory KA-0023430; users are urged to apply the patch immediately.

Synthesized by Vypr AI