VYPR
Advisory · Published May 28, 2026 · 2 sources

TrendAI Vision One Security Agent Origin Validation Flaw Allows Local Privilege Escalation to SYSTEM

A high-severity origin validation vulnerability in TrendAI Vision One Security Agent lets local attackers with low privileges escalate to SYSTEM rights on affected systems.

A high-severity local privilege escalation vulnerability has been disclosed in TrendAI Vision One Security Agent, tracked as CVE-2026-34927 and assigned ZDI-26-320. The flaw, rated CVSS 7.8, allows attackers who already have low-privileged code execution on a target system to escalate their privileges to SYSTEM, the highest level of access on Windows. The vulnerability was reported to TrendAI by researcher Lays (@_L4ys) of TRAPA Security on October 29, 2025, and was publicly disclosed on May 28, 2026, after coordinated disclosure.

The specific flaw resides in the Apex One NT Listener service, a component of the TrendAI Vision One Security Agent. The issue stems from insufficient validation of the origin of commands sent to this service. An attacker who has already achieved low-privileged code execution on the system can send specially crafted commands to the Apex One NT Listener service, which will execute them with SYSTEM privileges. This effectively bypasses the security boundary that normally separates low-privileged user processes from operations performed as SYSTEM.

The impact of this vulnerability is significant for organizations deploying TrendAI Vision One Security Agent. An attacker who successfully exploits CVE-2026-34927 can gain full control over the affected system, including the ability to install programs; view, change, or delete data; and create new accounts with full user rights. This could serve as a stepping stone for broader network compromise, especially in enterprise environments where the security agent is deployed across many endpoints.

TrendAI has issued an update to correct this vulnerability, according to the advisory. The company has provided details in a knowledge base article at https://success.trendmicro.com/en-US/solution/KA-0023430. Administrators are strongly advised to apply the patch as soon as possible to mitigate the risk of exploitation. The vulnerability affects the Vision One product line, which is a key component of TrendAI's enterprise security portfolio.

This disclosure follows a pattern of local privilege escalation vulnerabilities in security software, which are particularly dangerous because they can be used by attackers who have already breached a system to gain deeper access. Security agents, by their nature, run with elevated privileges to monitor and protect systems, making them attractive targets for privilege escalation attacks. The CVE-2026-34927 vulnerability underscores the importance of keeping security software up to date, as even protective tools can introduce risks if not properly maintained.

Organizations using TrendAI Vision One Security Agent should prioritize patching this vulnerability, especially on systems where users have low-privileged access. The CVSS score of 7.8 reflects the high confidentiality, integrity, and availability impact, although the attack vector is local and requires prior low-privileged access. As with all local privilege escalation flaws, the best defense is a layered security approach that includes least-privilege principles, regular patching, and monitoring for suspicious activity.

The advisory (ZDI-26-325) now provides full technical details, confirming the flaw resides in the Apex One NT Listener service due to insufficient origin validation of commands. TrendAI has released a security update, referenced in solution KA-0023430. The vulnerability was reported by researcher Lays (@_L4ys) of TRAPA Security and carries a CVSS score of 7.8.

Synthesized by Vypr AI