Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-34147
HistoryJun 26, 2023 - 10:15 p.m.

Design/Logic Flaw

2023-06-2622:15:00
PRIOn knowledge base
www.prio-n.com
5
logic flaw
dangerous function
privilege escalation
arbitrary value
local attacker
trend micro
agent subkeys
low-privileged code
cve-2023-34146
cve-2023-34148

0.0004 Low

EPSS

Percentile

15.9%

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34148.

CPENameOperatorVersion
apex_onelt14.0.12518
apex_oneeq2019

0.0004 Low

EPSS

Percentile

15.9%

Related for PRION:CVE-2023-34147