Trend Micro has released an advisory covering a critical zero-day flaw — tracked as CVE-2023-41179 — that affects Apex One, Apex One SaaS, and Worry-Free Business Security.
The vulnerability can be exploited for arbitrary code execution, and it revolves around the “products’ ability to uninstall third-party security software.”
The advisory, written in Japanese, details how an attacker would need access to a product’s administrative console and would have had to have stolen its management console authentication prior to the attack, since the vulnerability can’t infiltrate a network on its own.
Trend Micro also noted that this vulnerability has been exploited in the wild, having “confirmed that this vulnerability has been used in actual attacks. We recommend updating to the latest version as soon as possible.”
Patches have been released for products impacted by this vulnerability.
- SEO Powered Content & PR Distribution. Get Amplified Today.
- PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
- PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
- PlatoESG. Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
- PlatoHealth. Biotech and Clinical Trials Intelligence. Access Here.
- Source: https://www.darkreading.com/endpoint/trend-micro-patches-zero-day-endpoint-vulnerability
- :has
- $UP
- 10
- 25
- a
- ability
- access
- actual
- administrative
- advisory
- also
- an
- and
- Apex
- around
- AS
- attack
- Attacks
- Authentication
- BE
- been
- breach
- business
- by
- CAN
- code
- CONFIRMED
- Console
- covering
- critical
- Cybersecurity
- daily
- data
- data breach
- delivered
- details
- emerging
- Endpoint
- execution
- exploited
- flaw
- For
- had
- Have
- having
- How
- HTTPS
- impacted
- in
- information
- IT
- ITS
- Japanese
- jpg
- latest
- management
- micro
- MPL
- Need
- network
- noted
- on
- ONE
- or
- own
- Patches
- plato
- Plato Data Intelligence
- PlatoData
- possible
- Prior
- Product
- Products
- recommend
- released
- revolves
- right
- s
- SaaS
- security
- Security software
- since
- Software
- Soon
- stolen
- subscribe
- T
- that
- The
- third-party
- this
- threats
- to
- Trend
- Trend Micro
- Trends
- updating
- used
- version
- Vulnerabilities
- vulnerability
- we
- weekly
- Wild
- with
- would
- written
- Your
- zephyrnet
