The vulnerability of the Damage Cleanup Engine of the Trend Micro Common Client Real-time Scan antivirus software, including the Apex One and Apex One as a Service solutions, allows a malicious actor to trigger a service failure.

🗓️ 10 Jun 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Vulnerability in Trend Micro Common Client Real-time Scan enables service failure via Apex One Service from incorrect link before file access.

Reporter	Title	Published	Views	Family All 12
CNNVD	Trend Micro Apex One 安全漏洞	10 Jun 202400:00	–	cnnvd
CNVD	Trend Micro Apex One Denial of Service Vulnerability	12 Jun 202400:00	–	cnvd
CVE	CVE-2024-36306	10 Jun 202421:21	–	cve
Cvelist	CVE-2024-36306	10 Jun 202421:21	–	cvelist
EUVD	EUVD-2024-36025	3 Oct 202520:07	–	euvd
Japan Vulnerability Notes	Multiple vulnerabilities in multiple Trend Micro products	20 Jun 202405:59	–	jvn
NCSC	Vulnerabilities fixed in Trend Micro Apex One	11 Jun 202411:51	–	ncsc
NVD	CVE-2024-36306	10 Jun 202422:15	–	nvd
Positive Technologies	PT-2023-9183 · Trend Micro · Trend Micro Apex One +1	3 Oct 202300:00	–	ptsecurity
Tenable Nessus	Trend Micro Apex One Multiple Vulnerabilities (KA-0016669)	26 Nov 202400:00	–	nessus

Vulners

Node

trend_micro apex_one_as_a_serviceRange<14.0.13139

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-24-568/
success	www.success.trendmicro.com/dcx/s/solution/000298063
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2024060452
web	www.web.nvd.nist.gov/view/vuln/detail

10 Jun 2024 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS 25.2

CVSS 36.1

EPSS0.00058

Trend Micro Damage Cleanup Engine Common Client Real-time Scan Apex One Apex One Service incorrect link definition file access service failure