Trend Micro Apex One/Apex One as a Service link following

A vulnerability was found in Trend Micro Apex One and Apex One as a Service (the affected version unknown). It has been classified as critical. This affects an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field09/20/2022 09:54 AM
vendorTrend Micro
nameApex One/Apex One as a Service
cwe59 (link following)
risk2
cvss3_vuldb_avN
cvss3_vuldb_acL
cvss3_vuldb_prL
cvss3_vuldb_uiN
cvss3_vuldb_sU
cvss3_vuldb_cL
cvss3_vuldb_iL
cvss3_vuldb_aL
cvss3_vuldb_rcC
identifierZDI-22-1190
urlhttps://www.zerodayinitiative.com/advisories/ZDI-22-1190/
confirm_urlhttps://success.trendmicro.com/solution/000291528
cveCVE-2022-40142
cve_assigned1662415200 (09/06/2022)
cve_nvd_summaryA security link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service agents could allow a local attacker to create a writable folder in an arbitrary location and escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
cvss3_meta_basescore6.3
cvss3_meta_tempscore6.3
price_0day$5k-$25k
date1663624800 (09/20/2022)
cvss2_vuldb_avN
cvss2_vuldb_acL
cvss2_vuldb_ciP
cvss2_vuldb_iiP
cvss2_vuldb_aiP
cvss2_vuldb_rcC
cvss2_vuldb_auS
cvss2_vuldb_eND
cvss2_vuldb_rlND
cvss3_vuldb_eX
cvss3_vuldb_rlX
cvss2_vuldb_basescore6.5
cvss2_vuldb_tempscore6.5
cvss3_vuldb_basescore6.3
cvss3_vuldb_tempscore6.3

Do you want to use VulDB in your project?

Use the official API to access entries easily!