The vulnerability of the Apex One NT RealTime Scan (ntrtscan.exe) service of the Trend Micro Apex One and Apex One as a Service antivirus programs allows a malicious actor to execute arbitrary code and gain unauthorized access to protected information.

🗓️ 29 May 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Apex One RealTime Scan service flaw enables arbitrary code execution and unauthorized access due to link definition error.

Reporter	Title	Published	Views	Family All 16
Circl	CVE-2023-32556	27 Jun 202302:21	–	circl
CNNVD	Trend Micro Apex One 后置链接漏洞	26 Jun 202300:00	–	cnnvd
CNVD	Unspecified vulnerability in Trend Micro Apex One (CNVD-2023-65415)	29 Jun 202300:00	–	cnvd
CVE	CVE-2023-32556	26 Jun 202321:56	–	cve
Cvelist	CVE-2023-32556	26 Jun 202321:56	–	cvelist
EUVD	EUVD-2023-36800	3 Oct 202520:07	–	euvd
Japan Vulnerability Notes	Security updates for multiple Trend Micro products for enterprises (June 2023)	14 Jun 202305:47	–	jvn
NCSC	Vulnerabilities fixed in Trend Micro Apex One	17 May 202300:00	–	ncsc
NVD	CVE-2023-32556	26 Jun 202322:15	–	nvd
OSV	CVE-2023-32556	26 Jun 202322:15	–	osv

Vulners

Node

trend_micro apex_one_as_a_serviceRange<14.0.12105

Source	Link
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB20230516111
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-CAN-16525/
success	www.success.trendmicro.com/dcx/s/solution/000293108
web	www.web.nvd.nist.gov/view/vuln/detail

29 May 2023 00:00Current

6.7Medium risk

Vulners AI Score6.7

CVSS 24.6

CVSS 35.5

EPSS0.00057

Apex One RealTime scan service flaw link definition error arbitrary code execution unauthorized access