A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. This CVE address an addtional bypass not covered in CVE-2024-58104. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HTrendmicro Apex One
APPTrendmicro< 14.0.14203< 2019.13140
Powiązane podatności
Command injection w Trend Micro Apex One – RCE bez uwierzytelnienia
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attac...
Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote a...
RCE w Trend Micro Apex One – command injection bez uwierzytelnienia
A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenti...