The vulnerability of the Apex One NT Listener anti-virus software programs Trend Micro Apex One and Apex One as a Service allows attackers to enhance their privileges and execute arbitrary code.

🗓️ 10 Jun 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru

Apex One NT Listener flaw enables privilege escalation and arbitrary code execution via inadequate data authenticity verification.

Reporter	Title	Published	Views	Family All 15
CNNVD	Trend Micro Apex One 安全漏洞	10 Jun 202400:00	–	cnnvd
CNVD	Trend Micro Apex One elevation of privilege vulnerability (CNVD-2024-40818)	11 Jun 202400:00	–	cnvd
CVE	CVE-2024-36302	10 Jun 202421:20	–	cve
Cvelist	CVE-2024-36302	10 Jun 202421:20	–	cvelist
EUVD	EUVD-2024-36021	3 Oct 202520:07	–	euvd
Japan Vulnerability Notes	Multiple vulnerabilities in multiple Trend Micro products	20 Jun 202405:59	–	jvn
NCSC	Vulnerabilities fixed in Trend Micro Apex One	11 Jun 202411:51	–	ncsc
NVD	CVE-2024-36302	10 Jun 202422:15	–	nvd
OSV	CVE-2024-36302	10 Jun 202422:15	–	osv
Positive Technologies	PT-2023-9181 · Trend Micro · Trend Micro Apex One	3 Oct 202300:00	–	ptsecurity

Vulners

Node

trend_micro apex_one_as_a_serviceRange<14.0.13139

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-24-569/
vuldb	www.vuldb.com/ru/
success	www.success.trendmicro.com/dcx/s/solution/000298063
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2024060452
web	www.web.nvd.nist.gov/view/vuln/detail

10 Jun 2024 00:00Current

7.5High risk

Vulners AI Score7.5

CVSS 26.8

CVSS 37.8

EPSS0.00065

Trend Micro Apex One NT Listener Data authenticity Privilege escalation Arbitrary code execution Apex One Service