Back to search
CVE-2022-40143
Published: Sep 19, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service servers could allow a local attacker to abuse an insecure directory that could allow a low-privileged user to run arbitrary code with elevated privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
| Vendor | Product | Versions |
|---|---|---|
Trend Micro | Trend Micro Apex One | affected 2019 (on-prem) and SaaS |
References
https://success.trendmicro.com/solution/000291528
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-22-1191/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now