Описание
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Ссылки
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*
cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:saas:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00124
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-427
Связанные уязвимости
github
больше 3 лет назад
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
EPSS
Процентиль: 32%
0.00124
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-427