SB2022072843 - Privilege escalation in Trend Micro Apex One Security Agent
Published: July 28, 2022
Description
This security bulletin contains information about 1 security vulnerability.
1) Link following (CVE-ID: CVE-2022-36336)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insecure link following within the NT Apex One RealTime Scan Service. A local user can create a mount point and delete arbitrary files on the system.
Successful exploitation of the vulnerability may allow an attacker to execute arbitrary code with SYSTEM privileges.
Remediation
Install the update from the vendor's website.