Thursday, January 23, 2025
HomeCVE/vulnerabilityTrend Micro Apex One Vulnerabilities Let Escalate Privilege

Trend Micro Apex One Vulnerabilities Let Escalate Privilege

Published on

SIEM as a Service

Follow Us on Google News

Trend Micro has addressed six high-severity vulnerabilities in its Apex One and Apex One as a Service product, which could allow attackers to escalate privileges on affected Windows systems.

These vulnerabilities were disclosed under the Common Vulnerabilities and Exposures (CVE) system and have been resolved in the latest builds released by Trend Micro.

The vulnerabilities could potentially allow local attackers to gain elevated privileges and execute malicious operations on compromised systems. Trend Micro strongly recommends all users update their installations to mitigate potential security risks.

Vulnerabilities Summary

CVE IDDescription
CVE-2024-52048LogServer Link Following Local Privilege Escalation
CVE-2024-52049LogServer Link Following Local Privilege Escalation (variant of CVE-2024-52048)
CVE-2024-52050LogServer Arbitrary File Creation Local Privilege Escalation
CVE-2024-55631Engine Link Following Local Privilege Escalation
CVE-2024-55632Security Agent Link Following Local Privilege Escalation
CVE-2024-55917Origin Validation Error Local Privilege Escalation

Affected Versions

ProductAffected VersionsPlatformLanguage
Apex OneVersions before Build 13140WindowsEnglish
Apex One as a ServiceVersions before 202412 (Agent Version: 14.0.14203)WindowsEnglish

Solution

To address these vulnerabilities, Trend Micro has released the following updates:

ProductUpdated VersionAvailability
Apex OneSP1 Build 13140Now Available
Apex One as a ServiceDecember 2024 MaintenanceNow Available

Customers can download these updates via the Trend Micro Download Center. Ensure all prerequisite service packs are applied before installation.

To mitigate the risks posed by these vulnerabilities, Trend Micro advises organizations to take immediate action.

First and foremost, ensure that the latest patches and updates are applied promptly to affected Apex One products, as the vulnerabilities require system updates to be addressed effectively.

Since exploiting these issues typically requires an attacker to have local access to the target machine, organizations should also restrict physical and remote access to critical systems.

Reviewing and updating perimeter security measures, such as access controls and remote access policies, is crucial to minimizing exposure.

Adopting robust cybersecurity best practices, including privileged access management, network segmentation, and proactive monitoring, can provide an additional layer of defense against similar exploitation attempts in the future.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks

A new report has put the spotlight on potential security vulnerabilities within the popular...

New Cookie Sandwich Technique Allows Stealing of HttpOnly Cookies

The "Cookie Sandwich Attack" showcases a sophisticated way of exploiting inconsistencies in cookie parsing...

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks

A new report has put the spotlight on potential security vulnerabilities within the popular...

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...