Lucene search
Simon Zuckerbraun - Trend Micro Zero Day InitiativeZDI-22-1620HistoryNov 21, 2022 - 12:00 a.m.
Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
2022-11-2100:00:00
Simon Zuckerbraun - Trend Micro Zero Day Initiative
www.zerodayinitiative.com
14
trend micro
apex one
security agent
local privilege escalation
vulnerability
attackers
exploit
flaw
plug-in service manager
file operations
arbitrary code
system
EPSS
0
Percentile
15.9%
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Apex One Client Plug-in Service Manager. The issue results from the lack of proper locking when performing operations on a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Related
prion
prion
Design/Logic Flaw
2022-12-12 13:15:00
cve
cve
CVE-2022-44651
2022-12-12 13:15:15
nvd
nvd
CVE-2022-44651
2022-12-12 13:15:15
cvelist
cvelist
CVE-2022-44651
2022-11-21 17:57:30