SB2020083111 - Multiple vulnerabilities in Trend Micro Apex One
Published: August 31, 2020 Updated: April 22, 2021
Description
This security bulletin contains information about 5 security vulnerabilities.
1) Windows Hard Link (CVE-ID: CVE-2020-24556)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists because the Apex One Security Agent improperly handles Windows hard links. A local user can create a hard link and abuse the service to overwrite the contents of a chosen file, resulting in elevated privileges.
2) Windows Hard Link (CVE-ID: CVE-2020-24559)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists because the Apex One Security Agent improperly handles Windows hard links. A local user can create a hard link and abuse the service to overwrite the contents of a chosen file, resulting in elevated privileges.
3) Out-of-bounds read (CVE-ID: CVE-2020-24558)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within OfcPIPC_64x.dll. A local user can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and cause a denial of service condition on the system.
4) Improper access control (CVE-ID: CVE-2020-24557)
The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions within the Apex One Security Agent. A local user can manipulate a particular product folder to temporarily disable security and gain elevated privileges on the target system.
5) Windows Hard Link (CVE-ID: CVE-2020-24562)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists because the Apex One Security Agent improperly handles Windows hard links. A local user can create a hard link and abuse the service to overwrite the contents of a chosen file, resulting in elevated privileges.
Remediation
Install the update from the vendor's website.
References
- https://www.zerodayinitiative.com/advisories/ZDI-20-1093/
- https://success.trendmicro.com/solution/000263632
- https://www.zerodayinitiative.com/advisories/ZDI-20-1096/
- https://www.zerodayinitiative.com/advisories/ZDI-20-1095/
- https://www.zerodayinitiative.com/advisories/ZDI-20-1094/
- https://appweb.trendmicro.com/SupportNews/NewsDetail.aspx?id=4126