5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:M/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
79.9%
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A critical zero-day vulnerability, tracked as CVE-2023-41179, has been identified in the third-party AV uninstaller module contained in Trend Micro Apex One, Worry-Free Business Security, and Worry-Free Business Security Services. This vulnerability has the potential to allow an attacker to manipulate the module and execute arbitrary commands on an affected installation. This is a serious security issue that can lead to unauthorized code execution with system privileges on deployed agents. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.