Описание
A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations.
Ссылки
- Vendor Advisory
- Vendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_3752:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_5158:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_6016:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_6288:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_6394:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_6481:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_6511:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_6571:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_6658:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_6660:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_6890:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_6955:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_7007:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_7065:*:*:-:*:*:*
cpe:2.3:a:trendmicro:apex_central:2019:build_7141:*:*:-:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00151
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-120
Связанные уязвимости
CVSS3: 9.8
github
30 дней назад
A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations.
EPSS
Процентиль: 36%
0.00151
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-120