Lucene search
Simon Zuckerbraun - Trend Micro Zero Day InitiativeZDI-23-657HistoryMay 17, 2023 - 12:00 a.m.
Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
2023-05-1700:00:00
Simon Zuckerbraun - Trend Micro Zero Day Initiative
www.zerodayinitiative.com
6
local attackers
privilege escalation
trend micro apex one
vulnerability
arbitrary code
0.0004 Low
EPSS
Percentile
16.0%
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Apex One Client Plug-in Service Manager. The issue results from the lack of proper locking when performing operations on a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Related
cnvd
cnvd
Unspecified vulnerability in Trend Micro Apex One (CNVD-2023-65414)
2023-06-29 00:00:00
prion
prion
Design/Logic Flaw
2023-06-26 22:15:00
Design/Logic Flaw
2023-06-26 22:15:00
cve
cve
CVE-2023-32554
2023-06-26 22:15:10
CVE-2023-32555
2023-06-26 22:15:10
cvelist
cvelist
CVE-2023-32555
2023-06-26 21:56:37
CVE-2023-32554
2023-06-26 21:56:27
nvd
nvd
CVE-2023-32555
2023-06-26 22:15:10
CVE-2023-32554
2023-06-26 22:15:10
nessus
nessus
Trend Micro Apex One Multiple Vulnerabilities (000293108)
2023-06-01 00:00:00