CVE-2022-24678

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One (affected versions not specified) Trend Micro Apex One as a Service (affected versions not specified) Trend Micro Worry-Free Business Security 10.0 SP1 Trend Micro Worry-Free Business Security Services (affected versions not specified)

Description A security agent resource exhaustion denial-of-service issue could allow an attacker to flood a temporary log location and consume all disk space on affected installations.

Recommendations For Trend Micro Apex One, consider restricting access to temporary log locations to minimize the risk of exploitation. For Trend Micro Apex One as a Service, consider implementing measures to limit disk space consumption. For Trend Micro Worry-Free Business Security 10.0 SP1, restrict access to vulnerable components until a fix is available. For Trend Micro Worry-Free Business Security Services, avoid configurations that could lead to resource exhaustion until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.