JVNVU#96643038
Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation
Overview
Trend Micro Incorporated has released security updates for Endpoint security products for enterprises.
Products Affected
- Apex One On Premise (2019)
- Apex One as a Service
- Worry-Free Business Security 10.0 SP1
- Worry-Free Business Security Services
Description
Trend Micro Incorporated has released security updates for Endpoint security products for enterprises.
Impact
A non-administrative user of the system where the affected product is installed may obtain the administrative privilege.
For more information, refer to the information provided by the developer.
Solution
Update Spyware pattern
Update Spyware pattern to the latest version according to the information provided by the developer.
Spyware Pattern 25.27 and later that addresses this vulnerability is available and it is automatically applied through the product’s automatic ActiveUpdate feature.
Vendor Status
| Vendor | Link |
| Trend Micro Incorporated | SECURITY BULLETIN: Trend Micro Apex One and Worry-Free Business Security Security Agent Link Following Local Privilege Escalation Vulnerability |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.