Multiple Trend Micro Endpoint Security Vulnerabilities Let Attackers Run Arbitrary Code

If you are using Trend Micro Apex One, be aware that there may be a vulnerability in the third-party Antivirus uninstaller module. This vulnerability could potentially allow for arbitrary code execution.

While the National Vulnerability Database (NVD) has not yet confirmed the severity of the issue, it is important to remain cautious and take appropriate measures to protect your system.

However, this vulnerability is also being exploited in the wild (ITW). “Trend Micro has observed at least one active attempt of potential attacks against this vulnerability in the wild (ITW). Customers are strongly encouraged to update to the latest versions as soon as possible.” reads the post by Trend Micro.

Trend Micro has released a security advisory for fixing this vulnerability. This vulnerability also exists in Worry-Free Business Security (WFBS) and Worry-Free Business Security Services (WFBSS).

CVE-2023-41179 – Arbitrary Code Execution Vulnerability

A threat actor can exploit this vulnerability to execute commands on the vulnerable endpoints. As a prerequisite, the attacker must first have access to the administrative console on the target system.

Successful exploitation may allow the attacker to execute commands with system privileges on the PC where the security agent is installed. Trend Micro has rated this vulnerability with a severity score of 9.1 (Critical).

Affected Products & Fixed in Versions

| Product | Affected Version(s) | Platform | Fixed in Version* | Notes |
|---|---|---|---|---|
| Apex One | 2019 (On-prem) | Windows | SP1 Patch 1 (B12380) | Readme |
| Apex One as a Service | SaaS | Windows | July 2023 Monthly Patch (202307), Agent Version: 14.0.12637 | Readme |
| Worry-Free Business Security (WFBS) | 10.0 SP1 | Windows | 10.0 SP1 Patch 2495 | Readme |
| Worry-Free Business Security Services (WFBSS) | SaaS | Windows | July 31, 2023 Monthly Maintenance Release | |

Users of these products are advised to upgrade to the latest version to prevent threat actors from exploiting this vulnerability.

Eswar is a cybersecurity reporter with a passion for creating captivating and informative content. With years of experience in cybersecurity, he reports on data breaches, privacy and APT threats.