CVE-2023-52094

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 23, 2024

Updated: Jan 30, 2024

CWE ID 59

Summary

CVE-2023-52094 is a local privilege escalation vulnerability affecting the Trend Micro Apex One agent. An updater link following flaw enables an attacker with low-privileged access to the system to manipulate the updater process and delete an arbitrary folder. Successful exploitation of this vulnerability grants the attacker elevated privileges on the affected installation. It's essential to note that an attacker must initially gain the ability to execute code on the target system to leverage this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Trend Micro Apex One

Affected Vendors

Trend Micro, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t7vZKD
https://www.cve.org/CVERecord?id=CVE-2023-52094
https://nvd.nist.gov/vuln/detail/CVE-2023-52094

Back to Vulnerability Database