Описание
A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations.
This CVE address an addtional bypass not covered in CVE-2024-58104.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
7.3 High
CVSS3
7.8 High
CVSS3
Дефекты
Связанные уязвимости
A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. This CVE address an addtional bypass not covered in CVE-2024-58104. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Уязвимость компонента User Interface Manager модуля Security Agent антивирусных программных средств Trend Micro Apex One и Apex One as a Service, позволяющая нарушителю обойти существующие ограничения безопасности и выполнить произвольный код
EPSS
7.3 High
CVSS3
7.8 High
CVSS3