Two zero-days discovered in Trend Micro’s Apex One EDR platform

 


Threat actors attempted to exploit two zero-day vulnerabilities (CVE-2021-36741 and CVE-2021-36742) in Trend Micro’s Apex One EDR platform to attack its customers. Cybersecurity researchers from Trend Micro said that the attacks took place earlier this year, and the company released patches for both bugs at the end of July.

Trend Micro said both zero-days were used in an exploit chain in which the attackers uploaded malicious code to Apex One platforms and then elevated their privileges to gain control over the host system.

The first bug is an arbitrary file upload vulnerability, while the second is described as a local privilege escalation vulnerability.

Apex One customers are strongly advised to update their systems to the latest versions. The patches cover both problems in the Apex One on-premise version and in the cloud-hosted (SaaS) solution.

Apex One is an automated, all-in-one endpoint security solution. It represents a further development of OfficeScan, which has already gained widespread acceptance in the corporate market.
