CVE-2023-32555

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One (affected versions not specified) Trend Micro Apex One as a Service (affected versions not specified)

Description A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. The attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The issue is related to the lack of proper locking when performing file operations, which could allow an attacker to execute arbitrary code and elevate their privileges.

Recommendations For Trend Micro Apex One, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Trend Micro Apex One as a Service, at the moment, there is no information about a newer version that contains a fix for this vulnerability.