Published:2022/03/01  Last Updated:2022/03/01

JVNVU#96994445
Multiple security updates for Trend Micro Endpoint security products for enterprises (March 2022)

Overview

Trend Micro Incorporated has released multiple security updates for Trend Micro Endpoint security products for enterprises.

Products Affected

  • Apex One On Premise (2019)
  • Apex One as a Service
  • Worry-Free Business Security 10.0 SP1
  • Worry-Free Business Security Services

Description

Trend Micro Incorporated has released multiple security updates for Trend Micro Endpoint security products for enterprises.

Impact

  • Apex One On Premise (2019)
    • Privilege escalation due to uncontrolled search path element
    • Privilege escalation due to unnecessary privilege
    • Privilege escalation due to incorrect permission assignment
    • Privilege escalation due to stack-based buffer overflow
    • CGI program crash due to NULL pointer dereference
    • Denial-of-service (DoS) due to reachable assertion
    • Denial-of-service (DoS) due to link following vulnerability
    • Privilege escalation due to link following vulnerability
    • Privilege escalation due to origin validation error vulnerability
    • Server crash due to out-of-bounds read
    • Denial-of-service (DoS) due to resource exhaustion attack
  • Apex One as a Service
    • Privilege escalation due to uncontrolled search path element
    • Privilege escalation due to unnecessary privilege
    • Privilege escalation due to incorrect permission assignment
    • Privilege escalation due to stack-based buffer overflow
    • CGI program crash due to NULL pointer dereference
    • Denial-of-service (DoS) due to reachable assertion
    • Denial-of-service (DoS) due to link following vulnerability
    • Privilege escalation due to link following vulnerability
    • Denial-of-service (DoS) due to resource exhaustion attack
  • Worry-Free Business Security 10.0 SP1
    • Privilege escalation due to unnecessary privilege
    • Privilege escalation due to stack-based buffer overflow
    • CGI program crash due to NULL pointer dereference
    • Denial-of-service (DoS) due to link following vulnerability
    • Privilege escalation due to link following vulnerability
    • Server crash due to out-of-bounds read
    • Denial-of-service (DoS) due to resource exhaustion attack
  • Worry-Free Business Security Services
    • Privilege escalation due to unnecessary privilege
    • Denial-of-service (DoS) due to link following vulnerability
    • Privilege escalation due to link following vulnerability
    • Denial-of-service (DoS) due to resource exhaustion attack

Solution

Update the software
Update the software to the latest version according to the information provided by the developer.

Credit

Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.