11 matches found
PT-2026-22851
Name of the Vulnerable Software and Affected Versions Trend Micro Apex One mac agent affected versions not specified Description An origin validation error in the iCore service allows a local attacker to escalate privileges. Exploitation requires the attacker to first have the ability to execute...
Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems
Trend Micro has released mitigations to address critical security flaws in on-premise versions of Apex One Management Console that it said have been exploited in the wild. The vulnerabilities CVE-2025-54948 and CVE-2025-54987, both rated 9.4 on the CVSS scoring system, have been described as...
CVE-2024-58104
A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...
The vulnerability of the ApexOne Security Agent for antivirus software from Trend Micro’s Apex One and Apex One as a Service allows attackers to execute arbitrary code and gain elevated privileges.
The vulnerability of the ApexOne Security Agent in antivirus software products Trend Micro Apex One and Apex One as a Service is related to deficiencies in access control for the Suspect folder. Exploiting this vulnerability can allow attackers to execute arbitrary code and increase their...
CVE-2024-36303
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
CVE-2023-47200
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2023-47193
Trend Micro Apex One contains an origin validation vulnerability (CVE-2023-47193) in the Apex One security agent that could let a local attacker escalate privileges. The Nessus entry notes affected versions are Apex One prior to SP1 (Server Build 12526 and Agent Build 12526). It requires the atta...
Trend Micro Apex One Anti-Spyware Engine Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
PT-2023-3203 · Trend Micro · Trend Micro Apex One Security Agent +1
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One Security Agent affected versions not specified Trend Micro Apex One as a Service affected versions not specified Description: The issue is related to the use of dangerous methods or functions in the Trend Micro Apex One a...
PT-2023-3202 · Trend Micro · Trend Micro Apex One Security Agent +1
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One Security Agent affected versions not specified Trend Micro Apex One as a Service affected versions not specified Description: The issue is related to an untrusted search path vulnerability in the security agent of Trend...
Trend Micro Apex One Security Agent Resource Exhaustion Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Trend Micro Apex One Security Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the logging of requests received on the management por...