Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-40140: ZDI-22-1189

An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to cause a denial-of-service on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE
#vulnerability#dos#zero_day

September 14th, 2022

Trend Micro Apex One Origin Validation Error Denial-of-Service Vulnerability****ZDI-22-1189
ZDI-CAN-16314

CVE ID

CVE-2022-40140

CVSS SCORE

5.5, (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

AFFECTED VENDORS

Trend Micro

AFFECTED PRODUCTS

Apex One

VULNERABILITY DETAILS

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the Apex One NT Listener service. The issue results from insufficient validation of the origin of commands. An attacker can leverage this vulnerability to delete the Security Agent from the endpoint.

ADDITIONAL DETAILS

Trend Micro has issued an update to correct this vulnerability. More details can be found at:
https://success.trendmicro.com/solution/000291528

DISCLOSURE TIMELINE

  • 2022-02-09 - Vulnerability reported to vendor
  • 2022-09-14 - Coordinated public release of advisory

CREDIT

Simon Zuckerbraun - Trend Micro Zero Day Initiative

BACK TO ADVISORIES

Related news

CVE-2022-38108: Published | Zero Day Initiative

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

CVE-2022-36957: Published | Zero Day Initiative

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

CVE-2022-40144: 「Trend Micro Apex One」および「Trend Micro Apex One SaaS」における複数の脆弱性について(JVN#36454862):IPA 独立行政法人 情報処理推進機構

A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the product’s login authentication by falsifying request parameters on affected installations.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907