Trend Micro addresses a serious vulnerability that allows remote code execution
Timely resolution of a serious vulnerability in Trend Micro's Apex One solution
Trend Micro has successfully patched a serious zero-day vulnerability in Apex One, its endpoint security solution. Attackers were exploiting this flaw, so it is important to update affected products to protect systems.
Trend Micro has successfully addressed a zero-day vulnerability that allowed remote code execution in its Apex One endpoint protection solution. This vulnerability has been actively exploited in attacks.
Apex One security solution details
Apex One is an endpoint security solution designed to serve businesses of all sizes. It also includes the 'Worry-Free Business Security' suite, suitable for small and medium-sized businesses.
Identification and assignment of the CVE code
The vulnerability, identified as CVE-2023-41179, has been classified with a high severity level of 9.1 according to CVSS v3, which classifies it as "critical". The flaw was found in a third-party uninstall module included in the security software.
Updates and recommended actions
In light of an active attempt to exploit this vulnerability, Trend Micro has released fixes in newer versions of affected products. Customers are strongly encouraged to update to the latest versions as soon as possible. To exploit CVE-2023-41179, the attacker must have first obtained the product management console credentials and used them to log in. Otherwise, the attacker would have to have physical or remote access to the vulnerable machine."
Follow us on Google News for more pills like this09/20/2023 08:48
Editorial AI