all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-23-1613: Trend Micro Apex One CNTAoSMgr Origin Validation Error Local Privilege Escalation Vulnerability

Add to bookmarks
Nov. 14, 2023, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-47201.

agent apex apex one attacker attackers code cvss error escalation exploit local local privilege escalation low micro order origin privilege privileged privilege escalation privileges rating security system target trend trend micro validation vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-579: Apple macOS PPM Image Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 4 days ago | www.zerodayinitiative.com
apple apple macos arbitrary code attack +20
ZDI-24-578: Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 4 days ago | www.zerodayinitiative.com
apple apple macos attackers cves +19
ZDI-24-582: SEW-EURODRIVE MOVITOOLS MotionStudio XML External Entity Processing Information Disclosure Vulnerability 4 days ago | www.zerodayinitiative.com
cvss disclosure exploit external +13
ZDI-24-581: Microsoft Azure SQL Managed Instance Documentation SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability 4 days ago | www.zerodayinitiative.com
attackers authentication authentication bypass azure +16
ZDI-24-580: Microsoft Artifact Registry Container Images Empty Password Authentication Bypass Vulnerability 4 days ago | www.zerodayinitiative.com
artifact attackers authentication authentication bypass +14
ZDI-24-577: Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability 4 days ago | www.zerodayinitiative.com
access access control apex apex one +24
ZDI-24-576: Trend Micro Maximum Security coreServiceShell Link Following Local Privilege Escalation Vulnerability 4 days ago | www.zerodayinitiative.com
attacker attackers code cvss +20
ZDI-24-575: Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability 4 days ago | www.zerodayinitiative.com
attacker attackers code cves +21
ZDI-24-574: Trend Micro InterScan Web Security Virtual Appliance Cross-Site Scripting Privilege Escalation Vulnerability 4 days ago | www.zerodayinitiative.com
attackers authentication cross-site cve +19

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com