Lucene search
Lynn and Lays (@_L4ys)ZDI-23-835HistoryJun 08, 2023 - 12:00 a.m.
Trend Micro Apex One Security Agent Untrusted Search Path Local Privilege Escalation Vulnerability
2023-06-0800:00:00
Lynn and Lays (@_L4ys)
www.zerodayinitiative.com
11
vulnerability
local attackers
privilege escalation
trend micro apex one
untrusted location
arbitrary code
EPSS
0.001
Percentile
39.5%
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Apex One Client Plug-in Service Manager. The issue results from loading a module from an untrusted location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Related
cnvd
cnvd
Trend Micro Apex One elevation of privilege vulnerability (CNVD-2023-65418)
2023-06-29 00:00:00
nvd
nvd
CVE-2023-34144
2023-06-26 22:15:11
CVE-2023-34145
2023-06-26 22:15:11
prion
prion
Design/Logic Flaw
2023-06-26 22:15:00
Design/Logic Flaw
2023-06-26 22:15:00
cvelist
cvelist
CVE-2023-34144
2023-06-26 21:57:41
CVE-2023-34145
2023-06-26 21:57:50
cve
cve
CVE-2023-34145
2023-06-26 22:15:11
CVE-2023-34144
2023-06-26 22:15:11
nessus
nessus
Trend Micro Apex One Multiple Vulnerabilities (000293322)
2024-02-12 00:00:00