cvelistv5 - cve-2022-41745

CVE-2022-41745 (GCVE-0-2022-41745)

Vulnerability from cvelistv5 – Published: 2022-10-10 00:00 – Updated: 2024-08-03 12:49

Summary

An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Severity ?

No CVSS data available.

CWE

OOB Access

Assigner

trendmicro

References

URL

Tags

	https://success.trendmicro.com/solution/000291645
	https://www.zerodayinitiative.com/advisories/ZDI-…

Impacted products

	Vendor	Product	Version
	Trend Micro	Trend Micro Apex One	Affected: 2019 (on-prem) and SaaS

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:49:43.818Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000291645"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1401/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Apex One",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2019 (on-prem) and SaaS"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "OOB Access",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-10T00:00:00",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "url": "https://success.trendmicro.com/solution/000291645"
        },
        {
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1401/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2022-41745",
    "datePublished": "2022-10-10T00:00:00",
    "dateReserved": "2022-09-28T00:00:00",
    "dateUpdated": "2024-08-03T12:49:43.818Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:apex_one:-:*:*:*:saas:*:*:*\", \"matchCriteriaId\": \"97D177B6-2542-4D3D-873D-0243DEE3F0A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF019D2D-C426-4D2D-A254-442CE777B41E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de acceso fuera de l\\u00edmites en Trend Micro Apex One podr\\u00eda permitir a un atacante local crear un mensaje especialmente dise\\u00f1ado para causar la corrupci\\u00f3n de la memoria en un determinado proceso de servicio que podr\\u00eda conllevar a una escalada de privilegios local en las instalaciones afectadas. Nota: un atacante debe obtener primero la capacidad de ejecutar c\\u00f3digo poco privilegiado en el sistema de destino para poder explotar esta vulnerabilidad\"}]",
      "id": "CVE-2022-41745",
      "lastModified": "2024-11-21T07:23:46.803",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.0, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 5.9}]}",
      "published": "2022-10-10T21:15:11.873",
      "references": "[{\"url\": \"https://success.trendmicro.com/solution/000291645\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-22-1401/\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://success.trendmicro.com/solution/000291645\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-22-1401/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "security@trendmicro.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-41745\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2022-10-10T21:15:11.873\",\"lastModified\":\"2024-11-21T07:23:46.803\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de acceso fuera de l\u00edmites en Trend Micro Apex One podr\u00eda permitir a un atacante local crear un mensaje especialmente dise\u00f1ado para causar la corrupci\u00f3n de la memoria en un determinado proceso de servicio que podr\u00eda conllevar a una escalada de privilegios local en las instalaciones afectadas. Nota: un atacante debe obtener primero la capacidad de ejecutar c\u00f3digo poco privilegiado en el sistema de destino para poder explotar esta vulnerabilidad\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:apex_one:-:*:*:*:saas:*:*:*\",\"matchCriteriaId\":\"97D177B6-2542-4D3D-873D-0243DEE3F0A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF019D2D-C426-4D2D-A254-442CE777B41E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://success.trendmicro.com/solution/000291645\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-1401/\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://success.trendmicro.com/solution/000291645\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-1401/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

CNVD-2022-87367

Vulnerability from cnvd - Published: 2022-12-14

Title

Trend Micro Apex One越界访问漏洞

Description

Trend Micro Apex One是美国趋势科技（Trend Micro）公司的一款终端防护软件。 Trend Micro Apex One 2019 (on-prem)、SaaS版本存在越界访问漏洞，攻击者可利用漏洞创建特制消息以导致特定服务进程的内存损坏，这可能导致本地权限提升。

Severity

低

Patch Name

Trend Micro Apex One越界访问漏洞的补丁

Patch Description

Trend Micro Apex One是美国趋势科技（Trend Micro）公司的一款终端防护软件。 Trend Micro Apex One 2019 (on-prem)、SaaS版本存在越界访问漏洞，攻击者可利用漏洞创建特制消息以导致特定服务进程的内存损坏，这可能导致本地权限提升。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://success.trendmicro.com/solution/000291645

Reference

https://success.trendmicro.com/solution/000291645

Impacted products

Name
['Trend Micro Apex One SaaS', 'Trend Micro Apex One 2019 (on-prem)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-41745",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-41745"
    }
  },
  "description": "Trend Micro Apex One\u662f\u7f8e\u56fd\u8d8b\u52bf\u79d1\u6280\uff08Trend Micro\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u7ec8\u7aef\u9632\u62a4\u8f6f\u4ef6\u3002\n\nTrend Micro Apex One 2019 (on-prem)\u3001SaaS\u7248\u672c\u5b58\u5728\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u521b\u5efa\u7279\u5236\u6d88\u606f\u4ee5\u5bfc\u81f4\u7279\u5b9a\u670d\u52a1\u8fdb\u7a0b\u7684\u5185\u5b58\u635f\u574f\uff0c\u8fd9\u53ef\u80fd\u5bfc\u81f4\u672c\u5730\u6743\u9650\u63d0\u5347\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://success.trendmicro.com/solution/000291645",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-87367",
  "openTime": "2022-12-14",
  "patchDescription": "Trend Micro Apex One\u662f\u7f8e\u56fd\u8d8b\u52bf\u79d1\u6280\uff08Trend Micro\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u7ec8\u7aef\u9632\u62a4\u8f6f\u4ef6\u3002\r\n\r\nTrend Micro Apex One 2019 (on-prem)\u3001SaaS\u7248\u672c\u5b58\u5728\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u521b\u5efa\u7279\u5236\u6d88\u606f\u4ee5\u5bfc\u81f4\u7279\u5b9a\u670d\u52a1\u8fdb\u7a0b\u7684\u5185\u5b58\u635f\u574f\uff0c\u8fd9\u53ef\u80fd\u5bfc\u81f4\u672c\u5730\u6743\u9650\u63d0\u5347\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Trend Micro Apex One\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Trend Micro Apex One SaaS",
      "Trend Micro Apex One 2019 (on-prem)"
    ]
  },
  "referenceLink": "https://success.trendmicro.com/solution/000291645",
  "serverity": "\u4f4e",
  "submitTime": "2022-10-12",
  "title": "Trend Micro Apex One\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e"
}

GHSA-MXGM-XW93-5M49

Vulnerability from github – Published: 2022-10-11 12:00 – Updated: 2022-10-12 12:00

Details

Severity ?

7.0 (High)


                  
                    CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-41745"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-10T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
  "id": "GHSA-mxgm-xw93-5m49",
  "modified": "2022-10-12T12:00:24Z",
  "published": "2022-10-11T12:00:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41745"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/solution/000291645"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1401"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-41745

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-41745

Aliases

CVE-2022-41745

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-41745",
    "id": "GSD-2022-41745"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-41745"
      ],
      "details": "An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
      "id": "GSD-2022-41745",
      "modified": "2023-12-13T01:19:32.963967Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@trendmicro.com",
        "ID": "CVE-2022-41745",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Trend Micro Apex One",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "2019 (on-prem) and SaaS"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Trend Micro"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "OOB Access"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://success.trendmicro.com/solution/000291645",
            "refsource": "MISC",
            "url": "https://success.trendmicro.com/solution/000291645"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-1401/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1401/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:apex_one:-:*:*:*:saas:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-41745"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000291645",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://success.trendmicro.com/solution/000291645"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-1401/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1401/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.0,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-10-11T20:03Z",
      "publishedDate": "2022-10-10T21:15Z"
    }
  }
}

FKIE_CVE-2022-41745

Vulnerability from fkie_nvd - Published: 2022-10-10 21:15 - Updated: 2024-11-21 07:23

Severity ?

7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@trendmicro.com	https://success.trendmicro.com/solution/000291645	Patch, Vendor Advisory
security@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-22-1401/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://success.trendmicro.com/solution/000291645	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-22-1401/	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
trendmicro	apex_one	-
trendmicro	apex_one	2019
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:apex_one:-:*:*:*:saas:*:*:*",
              "matchCriteriaId": "97D177B6-2542-4D3D-873D-0243DEE3F0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF019D2D-C426-4D2D-A254-442CE777B41E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de acceso fuera de l\u00edmites en Trend Micro Apex One podr\u00eda permitir a un atacante local crear un mensaje especialmente dise\u00f1ado para causar la corrupci\u00f3n de la memoria en un determinado proceso de servicio que podr\u00eda conllevar a una escalada de privilegios local en las instalaciones afectadas. Nota: un atacante debe obtener primero la capacidad de ejecutar c\u00f3digo poco privilegiado en el sistema de destino para poder explotar esta vulnerabilidad"
    }
  ],
  "id": "CVE-2022-41745",
  "lastModified": "2024-11-21T07:23:46.803",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-10T21:15:11.873",
  "references": [
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/solution/000291645"
    },
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1401/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/solution/000291645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1401/"
    }
  ],
  "sourceIdentifier": "security@trendmicro.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2022-AVI-884

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Trend Micro Apex One. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à l'intégrité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Trend Micro	Apex One	Apex One (on-prem) versions antérieures à CP 11110/11102
	Trend Micro	Apex One	Apex One (SaaS) sans la mise à jour mensuelle de septembre 2022

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro 000291645 du 05 octobre 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apex One (on-prem) versions ant\u00e9rieures \u00e0 CP 11110/11102",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex One (SaaS) sans la mise \u00e0 jour mensuelle de septembre 2022",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-41747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41747"
    },
    {
      "name": "CVE-2022-41745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41745"
    },
    {
      "name": "CVE-2022-41748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41748"
    },
    {
      "name": "CVE-2022-41744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41744"
    },
    {
      "name": "CVE-2022-41749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41749"
    },
    {
      "name": "CVE-2022-41746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41746"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-884",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-10-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Trend Micro Apex\nOne. Elles permettent \u00e0 un attaquant de provoquer un contournement de la\npolitique de s\u00e9curit\u00e9, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Trend Micro Apex One",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro 000291645 du 05 octobre 2022",
      "url": "https://success.trendmicro.com/dcx/s/solution/000291645?"
    }
  ]
}

CERTFR-2022-AVI-884

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Trend Micro	Apex One	Apex One (on-prem) versions antérieures à CP 11110/11102
	Trend Micro	Apex One	Apex One (SaaS) sans la mise à jour mensuelle de septembre 2022

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro 000291645 du 05 octobre 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apex One (on-prem) versions ant\u00e9rieures \u00e0 CP 11110/11102",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex One (SaaS) sans la mise \u00e0 jour mensuelle de septembre 2022",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-41747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41747"
    },
    {
      "name": "CVE-2022-41745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41745"
    },
    {
      "name": "CVE-2022-41748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41748"
    },
    {
      "name": "CVE-2022-41744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41744"
    },
    {
      "name": "CVE-2022-41749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41749"
    },
    {
      "name": "CVE-2022-41746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41746"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-884",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-10-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Trend Micro Apex\nOne. Elles permettent \u00e0 un attaquant de provoquer un contournement de la\npolitique de s\u00e9curit\u00e9, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Trend Micro Apex One",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro 000291645 du 05 octobre 2022",
      "url": "https://success.trendmicro.com/dcx/s/solution/000291645?"
    }
  ]
}

JVNDB-2022-002544

Vulnerability from jvndb - Published: 2022-10-20 16:18 - Updated:2024-06-13 13:58

Severity ?

9.1 (Critical) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

Details

Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

References

Type

URL

	JVN	http://jvn.jp/en/vu/JVNVU97131578/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-41744
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-41745
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-41746
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-41747
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-41748
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-41749
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-41744
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-41745
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-41746
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-41747
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-41748
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-41749
	Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367)	https://cwe.mitre.org/data/definitions/367.html
	Out-of-bounds Read(CWE-125)	https://cwe.mitre.org/data/definitions/125.html
	Direct Request ('Forced Browsing')(CWE-425)	https://cwe.mitre.org/data/definitions/425.html
	Improper Certificate Validation(CWE-295)	https://cwe.mitre.org/data/definitions/295.html
	Incorrect Default Permissions(CWE-276)	https://cwe.mitre.org/data/definitions/276.html
	Origin Validation Error(CWE-346)	https://cwe.mitre.org/data/definitions/346.html

Impacted products

Vendor

Product

Trend Micro, Inc.

Apex One

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002544.html",
  "dc:date": "2024-06-13T13:58+09:00",
  "dcterms:issued": "2022-10-20T16:18+09:00",
  "dcterms:modified": "2024-06-13T13:58+09:00",
  "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002544.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:apex_one",
    "@product": "Apex One",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "9.1",
    "@severity": "Critical",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2022-002544",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU97131578/index.html",
      "@id": "JVNVU#97131578",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41744",
      "@id": "CVE-2022-41744",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41745",
      "@id": "CVE-2022-41745",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41746",
      "@id": "CVE-2022-41746",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41747",
      "@id": "CVE-2022-41747",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41748",
      "@id": "CVE-2022-41748",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41749",
      "@id": "CVE-2022-41749",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41744",
      "@id": "CVE-2022-41744",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41745",
      "@id": "CVE-2022-41745",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41746",
      "@id": "CVE-2022-41746",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41747",
      "@id": "CVE-2022-41747",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41748",
      "@id": "CVE-2022-41748",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41749",
      "@id": "CVE-2022-41749",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/367.html",
      "@id": "CWE-367",
      "@title": "Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/125.html",
      "@id": "CWE-125",
      "@title": "Out-of-bounds Read(CWE-125)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/425.html",
      "@id": "CWE-425",
      "@title": "Direct Request (\u0027Forced Browsing\u0027)(CWE-425)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/295.html",
      "@id": "CWE-295",
      "@title": "Improper Certificate Validation(CWE-295)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/276.html",
      "@id": "CWE-276",
      "@title": "Incorrect Default Permissions(CWE-276)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/346.html",
      "@id": "CWE-346",
      "@title": "Origin Validation Error(CWE-346)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-41745 (GCVE-0-2022-41745)

CNVD-2022-87367

GHSA-MXGM-XW93-5M49

GSD-2022-41745

FKIE_CVE-2022-41745

CERTFR-2022-AVI-884

Solution

CERTFR-2022-AVI-884

Solution

JVNDB-2022-002544

Tags

Sightings

Nomenclature