CVE-2023-25148

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One (affected versions not specified)

Description A security agent link following issue could allow a local attacker to exploit the vulnerability by changing a specific file into a pseudo-symlink, allowing privilege escalation on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this issue. The vulnerability is related to the incorrect determination of a link before accessing a file in the Browser Exploit Detection mechanism.

Recommendations At the moment, there is no information about a newer version that contains a fix for this issue.