cvelistv5 - CVE-2023-52324

CVE-2023-52324 (GCVE-0-2023-52324)

Vulnerability from cvelistv5 – Published: 2024-01-23 20:41 – Updated: 2025-05-30 14:18

Summary

An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations. Please note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-434 - Unrestricted Upload of File with Dangerous Type

Assigner

trendmicro

References

URL

Tags

	https://success.trendmicro.com/dcx/s/solution/000…
	https://www.zerodayinitiative.com/advisories/ZDI-…

Impacted products

	Vendor	Product	Version
	Trend Micro, Inc.	Trend Micro Apex Central	Affected: 2019 , < 8.0.0.6570 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:55:41.057Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-077/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52324",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T17:30:31.968053Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-434",
                "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-30T14:18:27.074Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Apex Central",
          "vendor": "Trend Micro, Inc.",
          "versions": [
            {
              "lessThan": "8.0.0.6570",
              "status": "affected",
              "version": "2019",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.\r\n\r\nPlease note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-23T20:41:10.369Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US"
        },
        {
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-077/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2023-52324",
    "datePublished": "2024-01-23T20:41:10.369Z",
    "dateReserved": "2024-01-08T19:08:00.320Z",
    "dateUpdated": "2025-05-30T14:18:27.074Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*\", \"matchCriteriaId\": \"7F2620DA-8727-43FF-8A4D-72145CDDE4CD\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.\\r\\n\\r\\nPlease note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de carga de archivos sin restricciones en Trend Micro Apex Central podr\\u00eda permitir que un atacante remoto cree archivos arbitrarios en las instalaciones afectadas. Tenga en cuenta: aunque se requiere autenticaci\\u00f3n para aprovechar esta vulnerabilidad, esta vulnerabilidad podr\\u00eda explotarse cuando el atacante tenga un conjunto v\\u00e1lido de credenciales. Adem\\u00e1s, esta vulnerabilidad podr\\u00eda usarse potencialmente en combinaci\\u00f3n con otra vulnerabilidad para ejecutar c\\u00f3digo arbitrario.\"}]",
      "id": "CVE-2023-52324",
      "lastModified": "2024-11-21T08:39:34.067",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2024-01-23T21:15:09.337",
      "references": "[{\"url\": \"https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-24-077/\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-24-077/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "security@trendmicro.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-434\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-52324\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2024-01-23T21:15:09.337\",\"lastModified\":\"2025-05-30T15:15:27.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.\\r\\n\\r\\nPlease note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de carga de archivos sin restricciones en Trend Micro Apex Central podr\u00eda permitir que un atacante remoto cree archivos arbitrarios en las instalaciones afectadas. Tenga en cuenta: aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, esta vulnerabilidad podr\u00eda explotarse cuando el atacante tenga un conjunto v\u00e1lido de credenciales. Adem\u00e1s, esta vulnerabilidad podr\u00eda usarse potencialmente en combinaci\u00f3n con otra vulnerabilidad para ejecutar c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*\",\"matchCriteriaId\":\"7F2620DA-8727-43FF-8A4D-72145CDDE4CD\"}]}]}],\"references\":[{\"url\":\"https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-24-077/\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-24-077/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-24-077/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T22:55:41.057Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-52324\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-08T17:30:31.968053Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-434\", \"description\": \"CWE-434 Unrestricted Upload of File with Dangerous Type\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-08T17:30:33.632Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Trend Micro, Inc.\", \"product\": \"Trend Micro Apex Central\", \"versions\": [{\"status\": \"affected\", \"version\": \"2019\", \"lessThan\": \"8.0.0.6570\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US\"}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-24-077/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.\\r\\n\\r\\nPlease note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code.\"}], \"providerMetadata\": {\"orgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"shortName\": \"trendmicro\", \"dateUpdated\": \"2024-01-23T20:41:10.369Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-52324\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-30T14:18:27.074Z\", \"dateReserved\": \"2024-01-08T19:08:00.320Z\", \"assignerOrgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"datePublished\": \"2024-01-23T20:41:10.369Z\", \"assignerShortName\": \"trendmicro\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2024-AVI-0016

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Trend Micro. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Trend Micro	N/A	Apex Central 2019 sans le correctif de sécurité Patch 8 (b6658)
Trend Micro	Apex One	Apex One as a Service sans le dernier correctif de sécurité
Trend Micro	Apex One	Apex One 2019 sans le correctif de sécurité SP1 CP b12534

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro 000296153 du 09 janvier 2024	None	vendor-advisory
Bulletin de sécurité Trend Micro 000296151 du 09 janvier 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apex Central 2019 sans le correctif de s\u00e9curit\u00e9 Patch 8 (b6658)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex One as a Service sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex One 2019 sans le correctif de s\u00e9curit\u00e9 SP1 CP b12534",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-52094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52094"
    },
    {
      "name": "CVE-2023-52090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52090"
    },
    {
      "name": "CVE-2023-52091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52091"
    },
    {
      "name": "CVE-2023-52093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52093"
    },
    {
      "name": "CVE-2023-52324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52324"
    },
    {
      "name": "CVE-2023-52092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52092"
    },
    {
      "name": "CVE-2023-52326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52326"
    },
    {
      "name": "CVE-2023-52325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52325"
    },
    {
      "name": "CVE-2023-52328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52328"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0016",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-01-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Trend\nMicro. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Trend Micro",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro 000296153 du 09 janvier 2024",
      "url": "https://success.trendmicro.com/dcx/s/solution/000296153"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro 000296151 du 09 janvier 2024",
      "url": "https://success.trendmicro.com/dcx/s/solution/000296151"
    }
  ]
}

CERTFR-2024-AVI-0016

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Trend Micro	N/A	Apex Central 2019 sans le correctif de sécurité Patch 8 (b6658)
Trend Micro	Apex One	Apex One as a Service sans le dernier correctif de sécurité
Trend Micro	Apex One	Apex One 2019 sans le correctif de sécurité SP1 CP b12534

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro 000296153 du 09 janvier 2024	None	vendor-advisory
Bulletin de sécurité Trend Micro 000296151 du 09 janvier 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apex Central 2019 sans le correctif de s\u00e9curit\u00e9 Patch 8 (b6658)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex One as a Service sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex One 2019 sans le correctif de s\u00e9curit\u00e9 SP1 CP b12534",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-52094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52094"
    },
    {
      "name": "CVE-2023-52090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52090"
    },
    {
      "name": "CVE-2023-52091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52091"
    },
    {
      "name": "CVE-2023-52093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52093"
    },
    {
      "name": "CVE-2023-52324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52324"
    },
    {
      "name": "CVE-2023-52092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52092"
    },
    {
      "name": "CVE-2023-52326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52326"
    },
    {
      "name": "CVE-2023-52325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52325"
    },
    {
      "name": "CVE-2023-52328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52328"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0016",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-01-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Trend\nMicro. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Trend Micro",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro 000296153 du 09 janvier 2024",
      "url": "https://success.trendmicro.com/dcx/s/solution/000296153"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro 000296151 du 09 janvier 2024",
      "url": "https://success.trendmicro.com/dcx/s/solution/000296151"
    }
  ]
}

WID-SEC-W-2024-0047

Vulnerability from csaf_certbund - Published: 2024-01-09 23:00 - Updated: 2024-01-11 23:00

Summary

Trend Micro Apex One und Apex Central: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Trend Micro Apex One ist eine Endpoint-Security Lösung. Trend Micro Apex Central ist eine webbasierte Konsole, die eine zentrale Verwaltung für Trend Micro-Produkte und -Dienste bietet.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Trend Micro Apex One und Trend Micro Apex Central ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen, Dateien zu manipulieren oder Cross-Site Scripting (XSS)-Angriffe durchzuführen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Trend Micro Apex One ist eine Endpoint-Security L\u00f6sung.\r\nTrend Micro Apex Central ist eine webbasierte Konsole, die eine zentrale Verwaltung f\u00fcr Trend Micro-Produkte und -Dienste bietet.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Trend Micro Apex One und Trend Micro Apex Central ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, Dateien zu manipulieren oder Cross-Site Scripting (XSS)-Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0047 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0047.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0047 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0047"
      },
      {
        "category": "external",
        "summary": "Trend Micro Security Bulletin vom 2024-01-09",
        "url": "https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US"
      },
      {
        "category": "external",
        "summary": "Trend Micro Security Bulletin vom 2024-01-09",
        "url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US"
      }
    ],
    "source_lang": "en-US",
    "title": "Trend Micro Apex One und Apex Central: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-01-11T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:03:27.724+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0047",
      "initial_release_date": "2024-01-09T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-01-09T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-01-11T23:00:00.000+00:00",
          "number": "2",
          "summary": "CVE-Nummern erg\u00e4nzt"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Trend Micro Apex Central \u003c Patch 8 (b6658)",
            "product": {
              "name": "Trend Micro Apex Central \u003c Patch 8 (b6658)",
              "product_id": "T031949",
              "product_identification_helper": {
                "cpe": "cpe:/a:trendmicro:apex_central:patch_8_%28b6658%29"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Trend Micro Apex One \u003c SP1 CP b12534",
                "product": {
                  "name": "Trend Micro Apex One \u003c SP1 CP b12534",
                  "product_id": "T031947",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:trendmicro:apex_one:sp1_cp_b12534"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Trend Micro Apex One as a service \u003c 14.0.12849",
                "product": {
                  "name": "Trend Micro Apex One as a service \u003c 14.0.12849",
                  "product_id": "T031948",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:trendmicro:apex_one:as_a_service__14.0.12849"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Apex One"
          }
        ],
        "category": "vendor",
        "name": "Trend Micro"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-52094",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex One. Diese Fehler bestehen in der Agent Engine, in der Anti-Spyware Engine, im Security Agent und im Updater aufgrund verschiedener Sicherheitsl\u00fccken. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Berechtigungen zu erweitern."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52094"
    },
    {
      "cve": "CVE-2023-52093",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex One. Diese Fehler bestehen in der Agent Engine, in der Anti-Spyware Engine, im Security Agent und im Updater aufgrund verschiedener Sicherheitsl\u00fccken. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Berechtigungen zu erweitern."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52093"
    },
    {
      "cve": "CVE-2023-52092",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex One. Diese Fehler bestehen in der Agent Engine, in der Anti-Spyware Engine, im Security Agent und im Updater aufgrund verschiedener Sicherheitsl\u00fccken. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Berechtigungen zu erweitern."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52092"
    },
    {
      "cve": "CVE-2023-52091",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex One. Diese Fehler bestehen in der Agent Engine, in der Anti-Spyware Engine, im Security Agent und im Updater aufgrund verschiedener Sicherheitsl\u00fccken. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Berechtigungen zu erweitern."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52091"
    },
    {
      "cve": "CVE-2023-52090",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex One. Diese Fehler bestehen in der Agent Engine, in der Anti-Spyware Engine, im Security Agent und im Updater aufgrund verschiedener Sicherheitsl\u00fccken. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Berechtigungen zu erweitern."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52090"
    },
    {
      "cve": "CVE-2023-52331",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex Central. Diese Fehler bestehen in bestimmten Widgets und Dashboards aufgrund eines Dateieinschlusses und eines uneingeschr\u00e4nkten Datei-Upload-Problems. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Dateien zu manipulieren oder Cross-Site Scripting (XSS)-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52331"
    },
    {
      "cve": "CVE-2023-52330",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex Central. Diese Fehler bestehen in bestimmten Widgets und Dashboards aufgrund eines Dateieinschlusses und eines uneingeschr\u00e4nkten Datei-Upload-Problems. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Dateien zu manipulieren oder Cross-Site Scripting (XSS)-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52330"
    },
    {
      "cve": "CVE-2023-52329",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex Central. Diese Fehler bestehen in bestimmten Widgets und Dashboards aufgrund eines Dateieinschlusses und eines uneingeschr\u00e4nkten Datei-Upload-Problems. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Dateien zu manipulieren oder Cross-Site Scripting (XSS)-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52329"
    },
    {
      "cve": "CVE-2023-52328",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex Central. Diese Fehler bestehen in bestimmten Widgets und Dashboards aufgrund eines Dateieinschlusses und eines uneingeschr\u00e4nkten Datei-Upload-Problems. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Dateien zu manipulieren oder Cross-Site Scripting (XSS)-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52328"
    },
    {
      "cve": "CVE-2023-52327",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex Central. Diese Fehler bestehen in bestimmten Widgets und Dashboards aufgrund eines Dateieinschlusses und eines uneingeschr\u00e4nkten Datei-Upload-Problems. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Dateien zu manipulieren oder Cross-Site Scripting (XSS)-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52327"
    },
    {
      "cve": "CVE-2023-52326",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex Central. Diese Fehler bestehen in bestimmten Widgets und Dashboards aufgrund eines Dateieinschlusses und eines uneingeschr\u00e4nkten Datei-Upload-Problems. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Dateien zu manipulieren oder Cross-Site Scripting (XSS)-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52326"
    },
    {
      "cve": "CVE-2023-52325",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex Central. Diese Fehler bestehen in bestimmten Widgets und Dashboards aufgrund eines Dateieinschlusses und eines uneingeschr\u00e4nkten Datei-Upload-Problems. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Dateien zu manipulieren oder Cross-Site Scripting (XSS)-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52325"
    },
    {
      "cve": "CVE-2023-52324",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Trend Micro Apex Central. Diese Fehler bestehen in bestimmten Widgets und Dashboards aufgrund eines Dateieinschlusses und eines uneingeschr\u00e4nkten Datei-Upload-Problems. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Dateien zu manipulieren oder Cross-Site Scripting (XSS)-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-01-09T23:00:00.000+00:00",
      "title": "CVE-2023-52324"
    }
  ]
}

GHSA-V576-WFMR-X3X7

Vulnerability from github – Published: 2024-01-23 21:30 – Updated: 2025-05-30 15:30

Details

An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.

Please note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code.

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-52324"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-434"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-23T21:15:09Z",
    "severity": "HIGH"
  },
  "details": "An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.\n\nPlease note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code.",
  "id": "GHSA-v576-wfmr-x3x7",
  "modified": "2025-05-30T15:30:25Z",
  "published": "2024-01-23T21:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52324"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-077"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2023-52324

Vulnerability from fkie_nvd - Published: 2024-01-23 21:15 - Updated: 2025-05-30 15:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@trendmicro.com	https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US	Vendor Advisory
security@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-24-077/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-24-077/	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	trendmicro	apex_central	2019

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
              "matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.\r\n\r\nPlease note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de carga de archivos sin restricciones en Trend Micro Apex Central podr\u00eda permitir que un atacante remoto cree archivos arbitrarios en las instalaciones afectadas. Tenga en cuenta: aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, esta vulnerabilidad podr\u00eda explotarse cuando el atacante tenga un conjunto v\u00e1lido de credenciales. Adem\u00e1s, esta vulnerabilidad podr\u00eda usarse potencialmente en combinaci\u00f3n con otra vulnerabilidad para ejecutar c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2023-52324",
  "lastModified": "2025-05-30T15:15:27.220",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-01-23T21:15:09.337",
  "references": [
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US"
    },
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-077/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-077/"
    }
  ],
  "sourceIdentifier": "security@trendmicro.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GSD-2023-52324

Vulnerability from gsd - Updated: 2024-01-09 06:01

Details

Aliases

CVE-2023-52324

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-52324"
      ],
      "details": "An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.\r\n\r\nPlease note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code.",
      "id": "GSD-2023-52324",
      "modified": "2024-01-09T06:01:37.002950Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@trendmicro.com",
        "ID": "CVE-2023-52324",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Trend Micro Apex Central",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "2019",
                          "version_value": "8.0.0.6570"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Trend Micro, Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.\r\n\r\nPlease note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
            "refsource": "MISC",
            "url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-077/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-077/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
                    "matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.\r\n\r\nPlease note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code."
          },
          {
            "lang": "es",
            "value": "Una vulnerabilidad de carga de archivos sin restricciones en Trend Micro Apex Central podr\u00eda permitir que un atacante remoto cree archivos arbitrarios en las instalaciones afectadas. Tenga en cuenta: aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, esta vulnerabilidad podr\u00eda explotarse cuando el atacante tenga un conjunto v\u00e1lido de credenciales. Adem\u00e1s, esta vulnerabilidad podr\u00eda usarse potencialmente en combinaci\u00f3n con otra vulnerabilidad para ejecutar c\u00f3digo arbitrario."
          }
        ],
        "id": "CVE-2023-52324",
        "lastModified": "2024-01-30T18:40:32.970",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2024-01-23T21:15:09.337",
        "references": [
          {
            "source": "security@trendmicro.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US"
          },
          {
            "source": "security@trendmicro.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-077/"
          }
        ],
        "sourceIdentifier": "security@trendmicro.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-434"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

CNVD-2024-04939

Vulnerability from cnvd - Published: 2024-01-22

Title

Trend Micro Apex Central任意文件上传漏洞

Description

Trend Micro Apex Central是美国趋势科技(Trend Micro)公司的一个基于Web的产品控制台。 Trend Micro Apex Central存在任意文件上传漏洞，攻击者可利用该漏洞在受影响的安装上创建任意文件。

Severity

中

Patch Name

Trend Micro Apex Central任意文件上传漏洞的补丁

Patch Description

Trend Micro Apex Central是美国趋势科技(Trend Micro)公司的一个基于Web的产品控制台。 Trend Micro Apex Central存在任意文件上传漏洞，攻击者可利用该漏洞在受影响的安装上创建任意文件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US

Reference

https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US

Impacted products

Name
Trend Micro Apex Central 2019 (On-prem builds before 6570)

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-52324",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-52324"
    }
  },
  "description": "Trend Micro Apex Central\u662f\u7f8e\u56fd\u8d8b\u52bf\u79d1\u6280(Trend Micro)\u516c\u53f8\u7684\u4e00\u4e2a\u57fa\u4e8eWeb\u7684\u4ea7\u54c1\u63a7\u5236\u53f0\u3002\n\nTrend Micro Apex Central\u5b58\u5728\u4efb\u610f\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5b89\u88c5\u4e0a\u521b\u5efa\u4efb\u610f\u6587\u4ef6\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-04939",
  "openTime": "2024-01-22",
  "patchDescription": "Trend Micro Apex Central\u662f\u7f8e\u56fd\u8d8b\u52bf\u79d1\u6280(Trend Micro)\u516c\u53f8\u7684\u4e00\u4e2a\u57fa\u4e8eWeb\u7684\u4ea7\u54c1\u63a7\u5236\u53f0\u3002\r\n\r\nTrend Micro Apex Central\u5b58\u5728\u4efb\u610f\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5b89\u88c5\u4e0a\u521b\u5efa\u4efb\u610f\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Trend Micro Apex Central\u4efb\u610f\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Trend Micro Apex Central 2019 (On-prem builds before 6570)"
  },
  "referenceLink": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
  "serverity": "\u4e2d",
  "submitTime": "2024-01-16",
  "title": "Trend Micro Apex Central\u4efb\u610f\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-52324 (GCVE-0-2023-52324)

CERTFR-2024-AVI-0016

Solution

CERTFR-2024-AVI-0016

Solution

WID-SEC-W-2024-0047

GHSA-V576-WFMR-X3X7

FKIE_CVE-2023-52324

GSD-2023-52324

CNVD-2024-04939

Tags

Sightings

Nomenclature