Trend Micro Fixes Zero-Day Vulnerability Under Attack in Endpoint Security Products

September 19, 2023

Trend Micro has fixed a zero-day code execution vulnerability, tracked as CVE-2023-41179, in its Apex One product. The flaw has been actively exploited in attacks. In an advisory released on Tuesday, Trend Micro alerted customers to a critical vulnerability in Apex One and several other endpoint security products. The zero-day, which affects Apex One, Apex One SaaS, and Worry-Free Business Security products, is linked to the products' capability to uninstall third-party security software and could be exploited for arbitrary code execution.

Trend Micro stated in a Japanese-language advisory, “To exploit this vulnerability, an attacker would need to be able to log into the product’s administrative console. Because an attacker would need to have stolen the product’s management console authentication information in advance, they would not be able to infiltrate the target network using this vulnerability alone.” The company also confirmed that this vulnerability has been utilized in actual attacks and strongly recommended updating to the latest version as soon as possible. Fixes have been rolled out for each of the affected products.

Typically, Trend Micro does not disclose information regarding the attacks that exploit vulnerabilities discovered in its products. Nevertheless, there have been occasional instances where some information has been disclosed, including attribution to Chinese threat actors and the potential exploitation of a flaw in an attack targeting Mitsubishi Electric. Over the past few years, several vulnerabilities in Trend Micro products have been exploited in attacks. Nine such flaws are currently listed in CISA's Known Exploited Vulnerabilities Catalog. The most recent zero-day has not yet been added to the catalog.
