Trend Micro Inc Trend Micro Apex One vulnerabilities
69 known vulnerabilities affecting trend_micro_inc/trend_micro_apex_one.
Total CVEs
69
CISA KEV
2
actively exploited
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL4HIGH56MEDIUM9
Vulnerabilities
Page 4 of 4
CVE-2022-44650HIGHCVSS 7.8≥ On Premise (14.0), < 14.0.0.11126≥ SaaS (14.0), < 14.0.117892022-12-12
CVE-2022-44650 [HIGH] CWE-787 CVE-2022-44650: A memory corruption vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex
A memory corruption vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability
cvelistv5nvd
CVE-2022-44649HIGHCVSS 7.8≥ On Premise (14.0), < 14.0.0.11126≥ SaaS (14.0), < 14.0.117892022-12-12
CVE-2022-44649 [HIGH] CWE-787 CVE-2022-44649: An out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro A
An out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerab
cvelistv5nvd
CVE-2022-44654HIGHCVSS 7.5≥ On Premise (14.0), < 14.0.0.11126≥ SaaS (14.0), < 14.0.117892022-12-12
CVE-2022-44654 [HIGH] CWE-122 CVE-2022-44654: Affected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component
Affected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component that is complied without the /SAFESEH memory protection mechanism which helps to monitor for malicious payloads. The affected component's memory protection mechanism has been updated to enhance product security.
cvelistv5nvd
CVE-2022-44653HIGHCVSS 7.8≥ On Premise (14.0), < 14.0.0.11126≥ SaaS (14.0), < 14.0.117892022-12-12
CVE-2022-44653 [HIGH] CWE-22 CVE-2022-44653: A security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a Service
A security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
cvelistv5nvd
CVE-2022-44652HIGHCVSS 7.8≥ On Premise (14.0), < 14.0.0.11126≥ SaaS (14.0), < 14.0.117892022-12-12
CVE-2022-44652 [HIGH] CWE-755 CVE-2022-44652: An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One as
An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
cvelistv5nvd
CVE-2022-45797HIGHCVSS 7.1≥ On Premise (14.0), < 14.0.0.11136≥ SaaS (14.0), < 14.0.118402022-12-12
CVE-2022-45797 [HIGH] CVE-2022-45797: An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex
An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to expl
cvelistv5nvd
CVE-2022-44651HIGHCVSS 7.0≥ On Premise (14.0), < 14.0.0.11126≥ SaaS (14.0), < 14.0.117892022-12-12
CVE-2022-44651 [HIGH] CWE-367 CVE-2022-44651: A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agen
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
cvelistv5nvd
CVE-2022-44647MEDIUMCVSS 5.5≥ On Premise (14.0), < 14.0.0.11126≥ SaaS (14.0), < 14.0.117892022-12-12
CVE-2022-44647 [MEDIUM] CWE-125 CVE-2022-44647: An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a
An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This is similar to, but not
cvelistv5nvd
CVE-2022-44648MEDIUMCVSS 5.5≥ On Premise (14.0), < 14.0.0.11126≥ SaaS (14.0), < 14.0.117892022-11-21
CVE-2022-44648 [MEDIUM] CVE-2022-44648: An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information o
An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this
cvelistv5
← Previous4 / 4