High Threat Security Alert (A22-09-09): Multiple Vulnerabilities in Trend Micro Apex One


 

Published on: 14 September 2022

  
  

Description:

Trend Micro has published a security advisory to address multiple vulnerabilities in Apex One. The details of the security update can be found at:
https://success.trendmicro.com/solution/000291528

Reports indicate that the vulnerability (CVE-2022-40139) is being exploited in the wild. You are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • Trend Micro Apex One - 2019 (On-Premises)
  • Trend Micro Apex One as a Service (SaaS)

 

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, information disclosure, privilege escalation or security restriction bypass on an affected system.

 

Recommendation:

Patches for affected software are available. System administrators of affected systems should follow the recommendations provided by the software vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://success.trendmicro.com/solution/000291528
  • https://www.hkcert.org/security-bulletin/trend-micro-apex-one-multiple-vulnerabilities_20220914
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40139 (to CVE-2022-40144)


Tag: Trend Micro , Apex One
Tags