PT-2022-6623 · Trend Micro · Trend Micro Apex Central

Poh Jia Hao · Published 2022-07-26 · Updated 2025-12-22 · CVE-2023-32529

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex Central (on-premise) (affected versions not specified)

Description: The issue allows authenticated users to perform a SQL injection, potentially leading to remote code execution. An attacker must first obtain authentication on the target system to exploit this issue. It involves incorrect handling of the id parameter in the delete cert vec request to the modTMMS endpoint, which could enable a remote attacker to execute arbitrary code.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2023-02875
CVE-2023-32529
ZDI-23-652

Affected Products

Trend Micro Apex Central