cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-55955,https://securityvulnerability.io/vulnerability/CVE-2024-55955,Incorrect Permissions Assignment in Trend Micro Deep Security Agents,"The vulnerability in Trend Micro Deep Security 20.0 agents arises from incorrect permissions assignment, affecting versions between 20.0.1-9400 and 20.0.1-23340. This flaw permits local attackers, who have already executed low-privileged code, to escalate their privileges on compromised installations. Remedial actions are essential to ensure that security configurations are correctly set to mitigate potential exploitation risks.",Trend Micro,Trend Micro Deep Security,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-31T16:19:35.471Z,0
CVE-2024-55917,https://securityvulnerability.io/vulnerability/CVE-2024-55917,Origin Validation Error in Trend Micro Apex One Affecting Local Users,"An origin validation error vulnerability exists in Trend Micro Apex One, permitting local attackers to elevate privileges on compromised systems. To exploit this vulnerability, an attacker must first gain the capacity to execute low-privileged code within the target environment. As such, the risk is contingent on the initial foothold within the system, which could facilitate further malicious activities.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-31T16:16:43.723Z,0
CVE-2024-55632,https://securityvulnerability.io/vulnerability/CVE-2024-55632,Privilege Escalation Vulnerability in Trend Micro Apex One,"A vulnerability in Trend Micro Apex One arises from improper validation of security agent links, which could enable a local attacker with low-privileged code execution to escalate their privileges. This flaw opens doors for unauthorized actions that may compromise the targeted system's integrity. To successfully exploit this vulnerability, an attacker needs initial access to the targeted environment, highlighting the importance of securing entry points to maintain overall system safety.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-31T16:16:01.207Z,0
CVE-2024-55631,https://securityvulnerability.io/vulnerability/CVE-2024-55631,Local Privilege Escalation Vulnerability in Trend Micro Apex One,"An engine link following vulnerability exists in Trend Micro Apex One, which could enable a local attacker to escalate privileges on installations that are affected. For successful exploitation, the attacker must first gain the capability to execute low-privileged code on the target system, providing a potential pathway for unauthorized access and control.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-31T16:15:20.397Z,0
CVE-2024-53647,https://securityvulnerability.io/vulnerability/CVE-2024-53647,Email Verification Request Vulnerability in Trend Micro ID Security,"The identified vulnerability in Trend Micro ID Security versions 3.0 and below enables an attacker to exploit the system by sending an unrestricted number of email verification requests. This flaw can lead to potential misuse or overwhelm the system, resulting in service disruptions. Organizations using these versions are urged to assess their security posture and consider applying necessary updates or patches to mitigate the risks associated with this vulnerability.",Trend Micro,Trend Micro Id Security,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-31T16:14:21.800Z,0
CVE-2024-52050,https://securityvulnerability.io/vulnerability/CVE-2024-52050,Arbitrary File Creation Vulnerability in Trend Micro Apex One,"A vulnerability exists in Trend Micro Apex One allowing local attackers to carry out arbitrary file creation. This exploitation requires prior execution of low-privileged code on the target system, leading to potential privilege escalation, thus threatening the integrity and confidentiality of affected installations. System administrators must be vigilant to safeguard against unauthorized access and ensure that security measures are in place.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-31T16:13:49.837Z,0
CVE-2024-52049,https://securityvulnerability.io/vulnerability/CVE-2024-52049,Local Privilege Escalation Vulnerability in Trend Micro Apex One,"A security vulnerability in Trend Micro Apex One related to LogServer links permits a local attacker to escalate privileges on compromised installations. While similar to another identified vulnerability, it presents distinct challenges. Exploitation requires the adversary to have already executed low-privileged code on the target system. This highlights a significant risk, as successful exploitation may allow unauthorized users to gain elevated access and perform potentially harmful actions within the affected system.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-31T16:13:12.794Z,0
CVE-2024-52048,https://securityvulnerability.io/vulnerability/CVE-2024-52048,Local Privilege Escalation Vulnerability in Trend Micro Apex One,"A vulnerability in the LogServer linking mechanism of Trend Micro Apex One could allow an attacker with local access to the system to escalate their privileges. This vulnerability requires the attacker to have already established the ability to execute low-privileged code on the target system, thereby raising security concerns for affected installations. While this vulnerability shares similarities with other identified vulnerabilities, it poses unique risks that necessitate immediate attention and remediation.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-31T16:11:41.737Z,0
CVE-2024-52047,https://securityvulnerability.io/vulnerability/CVE-2024-52047,Local File Inclusion Vulnerability in Trend Micro Apex One,"A vulnerability present in Trend Micro Apex One enables local file inclusion, allowing a remote attacker to execute arbitrary code on compromised installations. This security flaw necessitates that the attacker has previously gained the capability to run low-privileged code on the affected system, presenting a serious risk. Exploiting this vulnerability could lead to unauthorized access and control over sensitive data, making it imperative for organizations to prioritize patching and mitigation strategies to safeguard their environments.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-31T16:09:28.937Z,0
CVE-2024-51503,https://securityvulnerability.io/vulnerability/CVE-2024-51503,Manual Scan Command Injection Vulnerability in Trend Micro Deep Security 20 Agent Could Allow Privilege Escalation and Code Execution,"The vulnerability CVE-2024-51503 is a critical security flaw in the Trend Micro Deep Security 20 Agent, allowing attackers to execute arbitrary code on affected machines, potentially leading to privilege escalation across the domain. This vulnerability affects the manual scan feature within Trend Micro Deep Security, specifically on systems running Deep Security 20. The exploitation of this vulnerability requires the attacker to have local access to the system and domain user privileges. Trend Micro has released updated versions of the affected products to mitigate the vulnerability and strongly encourages users to apply these patches immediately. Despite the complexity of exploiting this flaw, Trend Micro advises customers to update to the latest builds of their software to ensure maximum security.",Trend Micro,Trend Micro Deep Security,8,HIGH,0.0004299999854993075,false,,true,false,true,2024-11-20T08:59:45.000Z,,false,false,,2024-11-19T19:15:00.000Z,0
CVE-2024-48904,https://securityvulnerability.io/vulnerability/CVE-2024-48904,Arbitrary Code Execution Vulnerability in Trend Micro Cloud Edge,"An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to execute arbitrary code on affected appliances.

Please note: authentication is not required in order to exploit this vulnerability.",Trend Micro,,,,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-22T19:15:00.000Z,0
CVE-2024-45335,https://securityvulnerability.io/vulnerability/CVE-2024-45335,Trend Micro Antivirus One vulnerability allows attackers to evade virus scan detection,"Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection.",Trend Micro,Antivirus One,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-22T19:15:00.000Z,0
CVE-2024-41183,https://securityvulnerability.io/vulnerability/CVE-2024-41183,Vulnerability in Trend Micro VPN Allows Elevation of Privileges,"Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges.",Trend Micro,,,,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-10-22T19:15:00.000Z,0
CVE-2024-45334,https://securityvulnerability.io/vulnerability/CVE-2024-45334,Unauthorized Access Vulnerability in Trend Micro Antivirus One,"Trend Micro Antivirus One versions 3.10.4 and below are susceptible to an Arbitrary Configuration Update vulnerability. This flaw enables attackers to gain unauthorized access to critical product configurations and functions, potentially compromising system integrity and user security. Proper measures should be taken to review and update the affected products to prevent exploitation.",Trend Micro,Antivirus One,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-22T19:15:00.000Z,0
CVE-2024-48903,https://securityvulnerability.io/vulnerability/CVE-2024-48903,Improper Access Control Vulnerability in Trend Micro Deep Security Agent 20 Could Lead to Escalated Privileges,"An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,,,,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-22T19:15:00.000Z,0
CVE-2024-46902,https://securityvulnerability.io/vulnerability/CVE-2024-46902,Vulnerability in Trend Micro Deep Discovery Inspector Could Allow Sensitive Information Disclosure,"An identified vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above creates a potential for attackers to disclose sensitive information from compromised installations. To exploit this vulnerability, an attacker must first secure administrative user rights on the target system. This pre-requisite highlights the importance of controlling access to high-privilege accounts, as exploitation hinges on obtaining these elevated permissions. Organizations utilizing Trend Micro DDI should prioritize reviewing their security practices and user access controls to mitigate the risks associated with this vulnerability.",Trend Micro,Deep Discovery Inspector,9.1,CRITICAL,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-10-22T19:15:00.000Z,0
CVE-2024-46903,https://securityvulnerability.io/vulnerability/CVE-2024-46903,Attackers could disclose sensitive information through DDI vulnerability,"A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,Trend Micro Deep Discovery Inspector,6.5,MEDIUM,0.0010499999625608325,false,,false,false,false,,,false,false,,2024-10-22T19:15:00.000Z,0
CVE-2024-39753,https://securityvulnerability.io/vulnerability/CVE-2024-39753,ModOSCE SQL Injection Vulnerability in Apex One Could Allow Remote Code Execution,"An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,,,,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-22T19:15:00.000Z,0
CVE-2024-36306,https://securityvulnerability.io/vulnerability/CVE-2024-36306,Local Attacker Could Cause Denial-of-Service Condition on Affected Systems via Vulnerability in Trend Micro's Apex One and Apex One as a Service Damage Cleanup Engine,"A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",5.5,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-10T22:15:00.000Z,0
CVE-2024-36307,https://securityvulnerability.io/vulnerability/CVE-2024-36307,Vulnerability in Trend Micro Apex One and Apex One as a Service Could Lead to Sensitive Information Disclosure,"A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",4.7,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-10T22:15:00.000Z,0
CVE-2024-36358,https://securityvulnerability.io/vulnerability/CVE-2024-36358,Low-Privilege Code Execution Vulnerability in Trend Micro Deep Security 20.x Agents Could Lead to Privilege Escalation,"A vulnerability exists in the Trend Micro Deep Security 20.x agents prior to build 20.0.1-3180 that allows local attackers to escalate privileges. This vulnerability stems from a link following weakness, which requires an attacker to first execute low-privileged code on the impacted system. Exploitation of this flaw could enable unauthorized escalation of system privileges, posing significant risks to affected environments.",Trend Micro,Trend Micro Deep Security Agent,7.8,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-10T22:15:00.000Z,0
CVE-2024-36305,https://securityvulnerability.io/vulnerability/CVE-2024-36305,Local Privilege Escalation Vulnerability in Trend Micro Apex One,"A privilege escalation vulnerability exists in Trend Micro Apex One due to a flaw in the security agent link that enables a local attacker to gain elevated privileges. To successfully exploit this vulnerability, an attacker must first execute low-privileged code on the target system. This highlights the importance of maintaining robust cybersecurity practices and ensuring that vulnerable software installations are promptly updated to mitigate potential risks.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-10T22:15:00.000Z,0
CVE-2024-36304,https://securityvulnerability.io/vulnerability/CVE-2024-36304,Local Privilege Escalation Vulnerability in Trend Micro Apex One and Apex One as a Service,"A Time-of-Check Time-of-Use (TOCTOU) vulnerability exists within the Trend Micro Apex One and Apex One as a Service agent. This vulnerability enables a local attacker to escalate privileges, ultimately compromising the security and integrity of the system. Exploiting this vulnerability requires that the attacker first has the capability to execute code with low privileges on the target system. This underscores the importance of maintaining strict access controls and monitoring of local user activities to mitigate potential risks.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-10T22:15:00.000Z,0
CVE-2024-36302,https://securityvulnerability.io/vulnerability/CVE-2024-36302,Origin Validation Vulnerability in Trend Micro Apex One Could Lead to Privilege Escalation,"The vulnerability in the Trend Micro Apex One security agent relates to inadequate origin validation, which could be leveraged by a local attacker to escalate privileges on impacted installations. To exploit this flaw, an attacker must first gain access to execute low-privileged code on the targeted system, making this issue particularly concerning for environments where users have limited access rights. This vulnerability bears resemblance to CVE-2024-36303 but presents its own unique set of risks.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-10T22:15:00.000Z,0
CVE-2024-36359,https://securityvulnerability.io/vulnerability/CVE-2024-36359,Potential Privilege Escalation Vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5,"A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,Trend Micro Interscan Web Security Virtual Appliance,5.4,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2024-06-10T22:15:00.000Z,0