JVNVU#90967486
Trend Micro Endpoint security products for enterprises vulnerable to arbitrary code execution
Critical
Overview
Trend Micro Endpoint security products for enterprises contain an arbitrary code execution vulnerability.
Products Affected
- Trend Micro Apex One On Premise (2019)
- Trend Micro Apex One as a Service
- Worry-Free Business Security 10.0 SP1
- Worry-Free Business Security Services (SaaS)
Description
Trend Micro Endpoint security products for enterprises provided by Trend Micro Incorporated contain an arbitrary code execution vulnerability (CWE-94, CVE-2023-41179) in 3rd Party AV Uninstaller Module.
Trend Micro Incorporated states that an attack exploiting this vulnerability has been observed.
Impact
An attacker who can log in to the product's administration console may execute an arbitrary code with the system privilege on the PC where the security agent is installed.
Solution
Apply the Patch
Apply the patch according to the information provided by the developer.
The developer has released patches listed below that contain a fix for this vulnerability.
- Trend Micro Apex One On Premise (2019) SP1 Patch 1 (b12380)
- Worry-Free Business Security 10.0 SP1 Patch 2495
Apply the Workaround
Applying the following workaround may mitigate the impact of this vulnerability.
- Permit access to the product's administration console to only trusted network
Vendor Status
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
---|---|---|---|---|
Attack Complexity(AC) | High (H) | Low (L) | ||
Privileges Required(PR) | High (H) | Low (L) | None (N) | |
User Interaction(UI) | Required (R) | None (N) | ||
Scope(S) | Unchanged (U) | Changed (C) | ||
Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
Integrity Impact(I) | None (N) | Low (L) | High (H) | |
Availability Impact(A) | None (N) | Low (L) | High (H) |
Credit
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.
Other Information
JPCERT Alert |
JPCERT-AT-2023-0021 Alert Regarding Vulnerability in Trend Micro Multiple Endpoint Security Products for Enterprises |
JPCERT Reports |
|
CERT Advisory |
|
CPNI Advisory |
|
TRnotes |
|
CVE |
|
JVN iPedia |
|
Update History
- 2023/09/19
- Information under the section "Other Information" was updated.
- 2023/09/20
- Information under the section "Vendor Status" was updated.
- 2023/11/10
- Fixed typo in the patch name under the section "Solution".