Multiple vulnerabilities in Trend Micro Apex One



Published: 2021-12-29 | Updated: 2022-01-06
Risk Low
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2021-44024
CVE-2021-45231
CVE-2021-45440
CVE-2021-45441
CWE-ID CWE-59
CWE-250
CWE-345
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
Apex One
Client/Desktop applications / Antivirus software/Personal firewalls

Vendor Trend Micro

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Link following

EUVDB-ID: #VU59107

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-44024

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure link following. A local user can create a specially crafted symbolic link and overwrite arbitrary files with SYSTEM privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apex One: 2019 - Patch 5 b9565


CPE2.3 External links

http://success.trendmicro.com/solution/000289996
http://www.zerodayinitiative.com/advisories/ZDI-22-014/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Link following

EUVDB-ID: #VU59108

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-45231

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insecure link following. A local user can create a specially crafted symbolic link and overwrite arbitrary files with arbitrary content. Successful exploitation of the vulnerability may result in execution of arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apex One: 2019 - Patch 5 b9565


CPE2.3 External links

http://success.trendmicro.com/solution/000289996
http://www.zerodayinitiative.com/advisories/ZDI-22-013/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Execution with unnecessary privileges

EUVDB-ID: #VU59109

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-45440

CWE-ID: CWE-250 - Execution with Unnecessary Privileges

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to execution of.code with unnecessary privileges A local low-privileged user can run a specially crafted program to abuse an impersonation privilege and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apex One: 2019 - Patch 5 b9565


CPE2.3 External links

http://success.trendmicro.com/solution/000289996
http://www.zerodayinitiative.com/advisories/ZDI-22-016/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Insufficient verification of data authenticity

EUVDB-ID: #VU59110

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-45441

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an origin validation error. A local user can create a specially crafted file that to issue commands over a certain pipe and elevate to a higher level of privileges.  

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apex One: 2019 - Patch 5 b9565


CPE2.3 External links

http://success.trendmicro.com/solution/000289996
http://www.zerodayinitiative.com/advisories/ZDI-22-017/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###