CVE-2022-40139
CVE-2022-40139
In short
Trend Micro Apex One's rollback feature doesn't properly verify downloaded packages, allowing a server administrator with compromised credentials to trick client computers into installing malicious software that could take over the system.
Technical detail
The rollback mechanism in Apex One clients lacks proper validation of package integrity and authenticity, allowing an authenticated server administrator to deliver unsigned or modified packages via the admin console. This can result in remote code execution on affected client endpoints without user interaction.
Summary generated and translated by AI from the official description.
Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution. Please note: an attacker must first obtain Apex One server administration console access in order to exploit this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
Trend Micro · Trend Micro Apex OneWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →