The vulnerability of the VsApiNT module of the ApexOne Security Agent software in anti-virus programs from Trend Micro’s Apex One, and Apex One as a Service, allows attackers to gain unauthorized access to protected information.

🗓️ 10 Jun 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Attackers can access protected data via the Vs Api Nt module vulnerability in Trend Micro Apex One antivirus products.

Reporter	Title	Published	Views	Family All 13
CNNVD	Trend Micro Apex One 安全漏洞	10 Jun 202400:00	–	cnnvd
CNVD	Trend Micro Apex One Information Disclosure Vulnerability (CNVD-2024-40823)	12 Jun 202400:00	–	cnvd
CVE	CVE-2024-36307	10 Jun 202421:21	–	cve
Cvelist	CVE-2024-36307	10 Jun 202421:21	–	cvelist
EUVD	EUVD-2024-36026	3 Oct 202520:07	–	euvd
Japan Vulnerability Notes	Multiple vulnerabilities in multiple Trend Micro products	20 Jun 202405:59	–	jvn
NCSC	Vulnerabilities fixed in Trend Micro Apex One	11 Jun 202411:51	–	ncsc
NVD	CVE-2024-36307	10 Jun 202422:15	–	nvd
OSV	CVE-2024-36307	10 Jun 202422:15	–	osv
Positive Technologies	PT-2023-9184 · Trend Micro · Trend Micro Apex One As A Service +1	1 Dec 202300:00	–	ptsecurity

Vulners

Node

trend_micro apex_one_as_a_serviceRange<14.0.13139

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-24-573/
success	www.success.trendmicro.com/dcx/s/solution/000298063
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2024060452
vuldb	www.vuldb.com/ru/
web	www.web.nvd.nist.gov/view/vuln/detail

10 Jun 2024 00:00Current

5.5Medium risk

Vulners AI Score5.5

CVSS 23.8

CVSS 34.7

EPSS0.00057

Trend Micro Apex One antivirus products unauthorized data access module vulnerability protected information