An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local malicious user to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34147.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
trendmicro apex_one |
||
trendmicro apex_one 2019 |