Privilege escalation in Trend Micro Apex One and Worry-Free Business

Published: 2023-09-19
Risk: High
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2023-41179
Exploitation vector: Local
Public exploit: This vulnerability is being exploited in the wild.
Vendor: Trend Micro

Vulnerable software:
Apex One (Client/Desktop applications / Antivirus software/Personal firewalls)
Worry-Free Business Security (Client/Desktop applications / Software for system administration)

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) OS Command Injection

EUVDB-ID: #VU80895

Risk: High


CVE-ID: CVE-2023-41179

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No


The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper input validation within the third-party AV uninstaller module shipped with the software. A local user can execute arbitrary commands with elevated privileges.

Note: the vulnerability is being actively exploited in the wild.

Install updates from the vendor's website.

Vulnerable software versions

Apex One: 2019 - SP1 b11564

Worry-Free Business Security: 9.5 - xg
