Multiple vulnerabilities in Trend Micro Apex One
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2022-24678 CVE-2022-24679 CVE-2022-24680 |
| CWE-ID | CWE-400 CWE-59 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Apex One Client/Desktop applications / Antivirus software/Personal firewalls |
| Vendor | Trend Micro |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Resource exhaustion
EUVDB-ID: #VU60624
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-24678
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can force the application to consume all disk space in the temporary log location and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApex One: 2019 - Patch 6 B10048
Fixed software versionsCPE2.3 External links
http://success.trendmicro.com/solution/000290464
http://www.zerodayinitiative.com/advisories/ZDI-22-372/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
2) Link following
EUVDB-ID: #VU60625
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-24679
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insecure symbolic link following. A local user can create a symbolic link to a critical file on the system and escalate privileges.
Install updates from vendor's website.
Vulnerable software versionsApex One: 2019 - Patch 6 B10048
Fixed software versionsCPE2.3 External links
http://success.trendmicro.com/solution/000290464
http://www.zerodayinitiative.com/advisories/ZDI-22-370/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
3) Link following
EUVDB-ID: #VU60626
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-24680
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insecure symbolic link following. A local user can create a symbolic link to a arbitrary directory on the system and delete it with elevated privileges. The vulnerability can be used to escalate privileges on the system.Mitigation
Install updates from vendor's website.
Vulnerable software versionsApex One: 2019 - Patch 6 B10048
Fixed software versionsCPE2.3 External links
http://success.trendmicro.com/solution/000290464
http://www.zerodayinitiative.com/advisories/ZDI-22-369/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
