Headline
CVE-2022-40139: DCX
Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution.
Please note: an attacker must first obtain Apex One server administration console access in order to exploit this vulnerability.
Loading
×Sorry to interrupt
CSS Error
Refresh
Related news
CVE-2022-40144: 「Trend Micro Apex One」および「Trend Micro Apex One SaaS」における複数の脆弱性について(JVN#36454862):IPA 独立行政法人 情報処理推進機構
A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the product’s login authentication by falsifying request parameters on affected installations.