SB2023110718 - Multiple vulnerabilities in Trend Micro Apex One

Main Vulnerability Database SB2023110718

SB2023110718 - Multiple vulnerabilities in Trend Micro Apex One

Published: November 7, 2023 Updated: November 15, 2023

Security Bulletin ID SB2023110718

Severity

Medium

Patch available

YES

Number of vulnerabilities 11

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.

1) Link following (CVE-ID: CVE-2023-47192)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insecure link following within the Apex One NT RealTime Scan service. A local user can create a symbolic link to a critical file on the system and overwrite it with elevated privileges.

2) PHP file inclusion (CVE-ID: CVE-2023-47202)

The vulnerability allows a remote user to include and execute arbitrary PHP files on the server.

The vulnerability exists due to incorrect input validation when including PHP files. A remote user can send a specially crafted HTTP request to the affected application, include and execute arbitrary PHP code on the system with privileges of the web server.

3) Origin validation error (CVE-ID: CVE-2023-47193)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error. A remote attacker can bypass implemented security restrictions.

4) Origin validation error (CVE-ID: CVE-2023-47199)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error in plugin manager. A remote attacker can bypass implemented security restrictions.

5) Origin validation error (CVE-ID: CVE-2023-47200)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error in plugin manager. A remote attacker can bypass implemented security restrictions.

6) Origin validation error (CVE-ID: CVE-2023-47201)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error in plugin manager. A remote attacker can bypass implemented security restrictions.

7) Origin validation error (CVE-ID: CVE-2023-47194)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error in plugin manager. A remote attacker can bypass implemented security restrictions.

8) Origin validation error (CVE-ID: CVE-2023-47195)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error in plugin manager. A remote attacker can bypass implemented security restrictions.

9) Origin validation error (CVE-ID: CVE-2023-47196)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error in plugin manager. A remote attacker can bypass implemented security restrictions.

10) Origin validation error (CVE-ID: CVE-2023-47197)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error in plugin manager. A remote attacker can bypass implemented security restrictions.

11) Origin validation error (CVE-ID: CVE-2023-47198)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error in plugin manager. A remote attacker can bypass implemented security restrictions.

Remediation

Install update from vendor's website.

References