Trend Micro released emergency security updates to address a zero-day vulnerability in its Apex One endpoint protection solution actively exploited in the wild.
Tracked as CVE-2023-41179, the flaw is a command injection issue within the third-party AV uninstaller module shipped with the software. By exploiting this bug a local user can execute arbitrary commands with elevated privileges.
The affected software solutions include:
Trend Micro Apex One 2019
Trend Micro Apex One SaaS 2019
Worry-Free Business Security (WFBS) 10.0 SP1
Worry-Free Business Security Services (WFBSS) 10.0 SP1
The vendor didn’t provide additional details regarding the nature of exploitation, only noting that it “has observed at least one active attempt of potential exploitation of this vulnerability in the wild.”
Users are strongly recommended to update to the latest builds as soon as possible.