Trend Micro Warnes for Actively Exploited RCE Flaw in Apex One

Home/Exploitation, RCE Flaw, Security Advisory, Security Update, vulnerability/Trend Micro Warnes for Actively Exploited RCE Flaw in Apex One

Trend Micro Warnes for Actively Exploited RCE Flaw in Apex One

Trend Micro recently released a patch for an actively exploited flaw in its endpoint security platform, Apex One. The security software provider published an advisory to report six vulnerabilities and advised their customers to apply the patches immediately. 

There are indications of CVE-2022-40139(CVSS score: 7.2) being actively exploited in the wild. Attackers can remotely execute arbitrary code on computers running unpatched systems due to the vulnerability. It can only be exploited by an attacker who has administration console access. 

Even though this definitely raises the skill level required to abuse CVE-2022-40139 in attacks, Trend Micro warned customers today that it has already observed at least one active exploitation attempt in the wild.

Other High Severity Flaws in Apex One

Today, Trend Micro addressed another high severity vulnerability in the Apex One product (CVE-2022-40144), allowing potential attackers to bypass authentication by falsifying request parameters on affected installations.

“Trend Micro has observed at least one active attempt of potential exploitation of this vulnerability in the wild. Customers are strongly encouraged to update to the latest versions as soon as possible,” the company said.

CVE-2022-40139Improper Validation of Rollback Mechanism Components RCE Vulnerability 7.2
CVE-2022-40140Origin Validation Error Denial-of-Service Vulnerability5.5
CVE-2022-40141Information disclosure vulnerability5.6
CVE-2022-40142Agent Link Following Local Privilege Escalation Vulnerability7.8
CVE-2022-40143Link Following Local Privilege Escalation Vulnerability7.3
CVE-2022-40144Login authentication bypass vulnerability8.2

Mitigating Factors

Customers are advised to assess remote access to essential systems, check current policies and perimeter security, and apply patches and updated solutions on time. 

Users need to update their installation as soon as possible to Apex One Service Pack 1 (Server Build 11092 and Agent Build 11088).

By | 2022-09-19T19:29:52+05:30 September 19th, 2022|Exploitation, RCE Flaw, Security Advisory, Security Update, vulnerability|

About the Author:

FirstHackersNews- Identifies Security

Leave A Comment

Subscribe to our newsletter to receive security tips everday!