Trendmicro Apex One vulnerabilities
161 known vulnerabilities affecting trendmicro/apex_one.
Total CVEs
161
CISA KEV
9
actively exploited
Public exploits
0
Exploited in wild
8
Severity breakdown
CRITICAL8HIGH107MEDIUM46
Vulnerabilities
Page 2 of 9
CVE-2024-37289HIGHCVSS 7.8fixed in 14.0.13139≥ 14.0, < 14.0.0.129802024-06-10
CVE-2024-37289 [HIGH] CWE-284 CVE-2024-37289: An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to esc
An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd
CVE-2024-36305HIGHCVSS 7.8≥ 14.0, < 14.0.0.129802024-06-10
CVE-2024-36305 [HIGH] CWE-59 CVE-2024-36305: A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker t
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd
CVE-2024-36306MEDIUMCVSS 5.5≥ 14.0, < 14.0.0.129802024-06-10
CVE-2024-36306 [MEDIUM] CWE-59 CVE-2024-36306: A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd
CVE-2024-36307MEDIUMCVSS 5.5≤ 14.0.13139≥ 14.0, ≤ 14.0.0.129802024-06-10
CVE-2024-36307 [MEDIUM] CWE-200 CVE-2024-36307: A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service coul
A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd
CVE-2023-47196HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47196 [HIGH] CWE-346 CVE-2023-47196: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not ident
nvd
CVE-2023-47202HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47202 [HIGH] CWE-552 CVE-2023-47202: A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a loc
A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd
CVE-2023-47195HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47195 [HIGH] CWE-346 CVE-2023-47195: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not ident
nvd
CVE-2023-52091HIGHCVSS 7.8fixed in 14.0.12849v20192024-01-23
CVE-2023-52091 [HIGH] CWE-59 CVE-2023-52091: An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local atta
An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd
CVE-2023-52092HIGHCVSS 7.8fixed in 14.0.12849v20192024-01-23
CVE-2023-52092 [HIGH] CWE-59 CVE-2023-52092: A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker t
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd
CVE-2023-47194HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47194 [HIGH] CWE-346 CVE-2023-47194: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not ident
nvd
CVE-2023-47197HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47197 [HIGH] CWE-346 CVE-2023-47197: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not ident
nvd
CVE-2023-52093HIGHCVSS 7.8fixed in 14.0.12849v20192024-01-23
CVE-2023-52093 [HIGH] CWE-269 CVE-2023-52093: An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local at
An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd
CVE-2023-52094HIGHCVSS 7.8fixed in 14.0.12849v20192024-01-23
CVE-2023-52094 [HIGH] CWE-59 CVE-2023-52094: An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attack
An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit thi
nvd
CVE-2023-52090HIGHCVSS 7.8fixed in 14.0.12849v20192024-01-23
CVE-2023-52090 [HIGH] CWE-59 CVE-2023-52090: A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker t
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd
CVE-2023-47201HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47201 [HIGH] CVE-2023-47201: A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could a
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but no
nvd
CVE-2023-47198HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47198 [HIGH] CWE-346 CVE-2023-47198: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not ident
nvd
CVE-2023-47200HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47200 [HIGH] CWE-346 CVE-2023-47200: A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could a
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to
nvd
CVE-2023-47199HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47199 [HIGH] CVE-2023-47199: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not identical to,
nvd
CVE-2023-47193HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47193 [HIGH] CWE-346 CVE-2023-47193: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not ident
nvd
CVE-2023-47192HIGHCVSS 7.8fixed in 14.0.12737v20192024-01-23
CVE-2023-47192 [HIGH] CWE-59 CVE-2023-47192: An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker
An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd