PT-2023-5336 · Trend Micro · Apex One As A Service+1

Published

2023-06-26

Updated

2023-06-30

CVE-2023-32557

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One and Apex One as a Service (affected versions not specified)

Description The issue is related to a path traversal vulnerability. This vulnerability could allow an unauthenticated attacker to upload an arbitrary file to the Management Server, potentially leading to remote code execution with system privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

BDU:2023-05964

CVE-2023-32557

Affected Products

Apex One As A Service

Trend Micro Apex One

PT-2023-5336 · Trend Micro · Apex One As A Service+1

CVE-2023-32557

Weakness Enumeration

Related Identifiers

Affected Products

References · 5