Wednesday, December 25, 2024
HomeCVE/vulnerabilityTrend Micro Zero-day Vulnerability Let Attackers Run Arbitrary Code

Trend Micro Zero-day Vulnerability Let Attackers Run Arbitrary Code

Published on

SIEM as a Service

If you use Trend Micro Apex One, you should know that the third-party Antivirus uninstaller feature may have a security hole. This flaw could make it possible for random code to be run.

Even though the National Vulnerability Database (NVD) hasn’t proven how bad the problem is yet, you should be careful and take the right steps to protect your system.

But it was also found that this security hole is being used in the real world (ITW). “Trend Micro has seen at least one ongoing attempt in the wild (ITW) to take advantage of this vulnerability. Customers are strongly urged to update as soon as possible.” Trend Micro’s post is read.

- Advertisement - SIEM as a Service

Trend Micro has put out a security warning about how to fix this problem. Worry-Free Business Security (WFBS) and Worry-Free Business Security Services (WFBSS) are also vulnerable because of this flaw.

CVE-2023-41179 â€“ Arbitrary Code Execution Vulnerability

Threat actors can use this hole to send orders to endpoints that are vulnerable. For an attacker to take advantage of this flaw, they must have access to the administrative console on the target machine.

If the exploit works, the attacker may be able to run commands on the PC where the security agent is installed with system rights. Trend Micro has given this vulnerability a score of 9.1 (Critical) for how bad it is.

Affected Products & Fixed in Versions

ProductAffected Version(s)PlatformFixed in Version*Notes
Apex One2019 (On-prem)WindowsSP1 Patch 1 (B12380)Readme
Apex One as a ServiceSaaSWindowsJuly 2023 Monthly Patch (202307)Agent Version: 14.0.12637Readme
Worry-Free Business Security(WFBS)10.0 SP1Windows10.0 SP1 Patch 2495Readme
Worry-Free Business Security Services(WFBSS)SaaSWindowsJuly 31, 2023Monthly Maintenance Release

Users of these products should change to the most recent version of these products so that threat actors don’t take advantage of this vulnerability.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing...

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...

Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications

A seemingly benign health app, "BMI CalculationVsn," was found on the Amazon App Store,...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing...

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...