cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-55917,https://securityvulnerability.io/vulnerability/CVE-2024-55917,Origin Validation Error in Trend Micro Apex One Affecting Local Users,"An origin validation error vulnerability exists in Trend Micro Apex One, permitting local attackers to elevate privileges on compromised systems. To exploit this vulnerability, an attacker must first gain the capacity to execute low-privileged code within the target environment. As such, the risk is contingent on the initial foothold within the system, which could facilitate further malicious activities.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2024-12-31T16:16:43.723Z,0
CVE-2024-55632,https://securityvulnerability.io/vulnerability/CVE-2024-55632,Privilege Escalation Vulnerability in Trend Micro Apex One,"A vulnerability in Trend Micro Apex One arises from improper validation of security agent links, which could enable a local attacker with low-privileged code execution to escalate their privileges. This flaw opens doors for unauthorized actions that may compromise the targeted system's integrity. To successfully exploit this vulnerability, an attacker needs initial access to the targeted environment, highlighting the importance of securing entry points to maintain overall system safety.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2024-12-31T16:16:01.207Z,0
CVE-2024-55631,https://securityvulnerability.io/vulnerability/CVE-2024-55631,Local Privilege Escalation Vulnerability in Trend Micro Apex One,"An engine link following vulnerability exists in Trend Micro Apex One, which could enable a local attacker to escalate privileges on installations that are affected. For successful exploitation, the attacker must first gain the capability to execute low-privileged code on the target system, providing a potential pathway for unauthorized access and control.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2024-12-31T16:15:20.397Z,0
CVE-2024-52050,https://securityvulnerability.io/vulnerability/CVE-2024-52050,Arbitrary File Creation Vulnerability in Trend Micro Apex One,"A vulnerability exists in Trend Micro Apex One allowing local attackers to carry out arbitrary file creation. This exploitation requires prior execution of low-privileged code on the target system, leading to potential privilege escalation, thus threatening the integrity and confidentiality of affected installations. System administrators must be vigilant to safeguard against unauthorized access and ensure that security measures are in place.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2024-12-31T16:13:49.837Z,0
CVE-2024-52049,https://securityvulnerability.io/vulnerability/CVE-2024-52049,Local Privilege Escalation Vulnerability in Trend Micro Apex One,"A security vulnerability in Trend Micro Apex One related to LogServer links permits a local attacker to escalate privileges on compromised installations. While similar to another identified vulnerability, it presents distinct challenges. Exploitation requires the adversary to have already executed low-privileged code on the target system. This highlights a significant risk, as successful exploitation may allow unauthorized users to gain elevated access and perform potentially harmful actions within the affected system.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2024-12-31T16:13:12.794Z,0
CVE-2024-52048,https://securityvulnerability.io/vulnerability/CVE-2024-52048,Local Privilege Escalation Vulnerability in Trend Micro Apex One,"A vulnerability in the LogServer linking mechanism of Trend Micro Apex One could allow an attacker with local access to the system to escalate their privileges. This vulnerability requires the attacker to have already established the ability to execute low-privileged code on the target system, thereby raising security concerns for affected installations. While this vulnerability shares similarities with other identified vulnerabilities, it poses unique risks that necessitate immediate attention and remediation.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2024-12-31T16:11:41.737Z,0
CVE-2024-52047,https://securityvulnerability.io/vulnerability/CVE-2024-52047,Local File Inclusion Vulnerability in Trend Micro Apex One,"A vulnerability present in Trend Micro Apex One enables local file inclusion, allowing a remote attacker to execute arbitrary code on compromised installations. This security flaw necessitates that the attacker has previously gained the capability to run low-privileged code on the affected system, presenting a serious risk. Exploiting this vulnerability could lead to unauthorized access and control over sensitive data, making it imperative for organizations to prioritize patching and mitigation strategies to safeguard their environments.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.5,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2024-12-31T16:09:28.937Z,0
CVE-2024-36303,https://securityvulnerability.io/vulnerability/CVE-2024-36303,Origin Validation Vulnerability in Trend Micro Apex One Could Lead to Privilege Escalation,"An origin validation vulnerability has been identified in the Trend Micro Apex One security agent that could be exploited by a local attacker seeking to escalate privileges on installations of the software. For successful exploitation, the attacker would need to first execute low-privileged code on the target system. This vulnerability poses a risk as it may allow unauthorized access to sensitive system resources, potentially compromising the integrity of the environment. Similar vulnerabilities like CVE-2024-36302 highlight the importance of robust validation mechanisms to mitigate such risks.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-06-10T22:15:00.000Z,0
CVE-2024-37289,https://securityvulnerability.io/vulnerability/CVE-2024-37289,Improper Access Control Vulnerability in Trend Micro Apex One Could Lead to Privilege Escalation,"An improper access control vulnerability has been identified in Trend Micro Apex One, which could potentially enable a local attacker to escalate privileges on affected installations. To exploit this vulnerability, the attacker must first gain the ability to execute low-privileged code on the target system. This flaw exposes systems to additional risks, allowing unauthorized access and control over the affected applications, highlighting the need for immediate attention and remediation measures.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-06-10T22:15:00.000Z,0
CVE-2024-36302,https://securityvulnerability.io/vulnerability/CVE-2024-36302,Origin Validation Vulnerability in Trend Micro Apex One Could Lead to Privilege Escalation,"The vulnerability in the Trend Micro Apex One security agent relates to inadequate origin validation, which could be leveraged by a local attacker to escalate privileges on impacted installations. To exploit this flaw, an attacker must first gain access to execute low-privileged code on the targeted system, making this issue particularly concerning for environments where users have limited access rights. This vulnerability bears resemblance to CVE-2024-36303 but presents its own unique set of risks.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-06-10T22:15:00.000Z,0
CVE-2024-36304,https://securityvulnerability.io/vulnerability/CVE-2024-36304,Local Privilege Escalation Vulnerability in Trend Micro Apex One and Apex One as a Service,"A Time-of-Check Time-of-Use (TOCTOU) vulnerability exists within the Trend Micro Apex One and Apex One as a Service agent. This vulnerability enables a local attacker to escalate privileges, ultimately compromising the security and integrity of the system. Exploiting this vulnerability requires that the attacker first has the capability to execute code with low privileges on the target system. This underscores the importance of maintaining strict access controls and monitoring of local user activities to mitigate potential risks.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-06-10T22:15:00.000Z,0
CVE-2024-36306,https://securityvulnerability.io/vulnerability/CVE-2024-36306,Local Attacker Could Cause Denial-of-Service Condition on Affected Systems via Vulnerability in Trend Micro's Apex One and Apex One as a Service Damage Cleanup Engine,"A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",5.5,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-06-10T22:15:00.000Z,0
CVE-2024-36307,https://securityvulnerability.io/vulnerability/CVE-2024-36307,Vulnerability in Trend Micro Apex One and Apex One as a Service Could Lead to Sensitive Information Disclosure,"A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",4.7,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-06-10T22:15:00.000Z,0
CVE-2024-36305,https://securityvulnerability.io/vulnerability/CVE-2024-36305,Local Privilege Escalation Vulnerability in Trend Micro Apex One,"A privilege escalation vulnerability exists in Trend Micro Apex One due to a flaw in the security agent link that enables a local attacker to gain elevated privileges. To successfully exploit this vulnerability, an attacker must first execute low-privileged code on the target system. This highlights the importance of maintaining robust cybersecurity practices and ensuring that vulnerable software installations are promptly updated to mitigate potential risks.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-06-10T22:15:00.000Z,0
CVE-2023-52094,https://securityvulnerability.io/vulnerability/CVE-2023-52094,Local Privilege Escalation in Trend Micro Apex One Agent,"A vulnerability exists within the updater mechanism of the Trend Micro Apex One agent, which can be exploited by local attackers. This flaw allows unauthorized users with low-privileged access to manipulate the updater to delete arbitrary folders on compromised installations. Successful exploitation requires the attacker to first gain execution access to low-privileged code on the affected system, potentially leading to a local privilege escalation scenario. remediation actions should be taken to address this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One as a Service",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-01-23T20:40:30.228Z,0
CVE-2023-52093,https://securityvulnerability.io/vulnerability/CVE-2023-52093,Local Privilege Escalation Vulnerability in Trend Micro Apex One Agent,"The vulnerability in the Trend Micro Apex One agent exposes dangerous functions that can be exploited by local attackers. By leveraging this vulnerability, attackers who have already gained access to execute low-privileged code on the system can escalate their privileges, potentially compromising sensitive data and resources. This issue underscores the importance of maintaining robust security practices and timely updates to mitigate risks associated with such vulnerabilities.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.00046999999904073775,false,false,false,false,,false,false,2024-01-23T20:40:17.347Z,0
CVE-2023-52092,https://securityvulnerability.io/vulnerability/CVE-2023-52092,Privilege Escalation Vulnerability in Trend Micro Apex One,"A security agent link following vulnerability exists in Trend Micro Apex One, which may allow a local attacker to escalate privileges on affected installations. The exploitation of this vulnerability requires the attacker to have pre-existing access to execute low-privileged code on the target system, thus emphasizing the need for securing access points. Administrators should review and apply necessary patches to safeguard against potential escalations.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One as a Service",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-01-23T20:40:04.083Z,0
CVE-2023-52091,https://securityvulnerability.io/vulnerability/CVE-2023-52091,Privilege Escalation Vulnerability in Trend Micro Apex One,"A local privilege escalation vulnerability exists in Trend Micro Apex One due to a flaw in the anti-spyware engine. This issue can potentially be exploited by an attacker who has already managed to execute low-privileged code on a vulnerable system. Successful exploitation allows the attacker to elevate their privileges, thereby gaining increased access and control over the affected installations. Users and administrators are advised to review their systems for vulnerability to ensure proper security measures are in place.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One as a Service",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-01-23T20:39:50.527Z,0
CVE-2023-52090,https://securityvulnerability.io/vulnerability/CVE-2023-52090,Privilege Escalation Vulnerability in Trend Micro Apex One,"A link following vulnerability exists in Trend Micro Apex One that could enable a local attacker to escalate privileges on vulnerable installations. This vulnerability requires the attacker to have already executed low-privileged code on the affected system, which could lead to unauthorized access and manipulation of sensitive data or system resources. Effective mitigation measures are crucial to safeguard against potential exploits. Organizations using Trend Micro Apex One should assess their environments and apply necessary security updates to minimize the risks associated with this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One as a Service",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-01-23T20:39:38.067Z,0
CVE-2023-47202,https://securityvulnerability.io/vulnerability/CVE-2023-47202,Local File Inclusion Vulnerability in Trend Micro Apex One Management Server,"A local file inclusion vulnerability in the Trend Micro Apex One management server permits an attacker with local access to exploit the system. This vulnerability can lead to privilege escalation, enabling the attacker to execute unauthorized actions on affected installations. To carry out this exploit, the attacker must first gain the capability to run low-privileged code on the target system, making the initial access a prerequisite for the attack.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-01-23T20:38:51.693Z,0
CVE-2023-47201,https://securityvulnerability.io/vulnerability/CVE-2023-47201,Privilege Escalation Vulnerability in Trend Micro Apex One Security Agent,"A vulnerability exists in the Trend Micro Apex One security agent due to improper validation of plug-in manager origins. This flaw could enable a local attacker, who already has the ability to execute low-privileged code on the system, to escalate their privileges. This makes it critical for organizations using affected installations to implement security measures and ensure that all systems are monitored to mitigate the risk of exploitation.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.00046999999904073775,false,false,false,false,,false,false,2024-01-23T20:38:38.453Z,0
CVE-2023-47200,https://securityvulnerability.io/vulnerability/CVE-2023-47200,Privilege Escalation Vulnerability in Trend Micro Apex One Security Agent,"A plug-in manager origin validation vulnerability exists within the Trend Micro Apex One security agent, which may enable a local attacker to escalate their privileges on systems with affected installations. To successfully exploit this vulnerability, an attacker needs to first execute low-privileged code on the target system. This introduces potential risks, as unauthorized actions and access could be gained if the vulnerability is exploited effectively. The issue parallels another vulnerability but has unique characteristics that render it a distinct concern for users.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One as a Service",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-01-23T20:38:25.058Z,0
CVE-2023-47199,https://securityvulnerability.io/vulnerability/CVE-2023-47199,Origin Validation Vulnerability in Trend Micro Apex One Security Agent,"An origin validation vulnerability exists within the Trend Micro Apex One security agent that allows a local attacker to escalate their privileges on systems running the affected product. To successfully exploit this vulnerability, an attacker must first have the capability to execute low-privileged code on the target machine. This vulnerability raises security concerns as it could lead to unauthorized access and greater control of the affected installation. It is important for users of Trend Micro Apex One to review their security policies and apply any patches or updates provided by the vendor to mitigate potential risks associated with this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One as a Service",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-01-23T20:38:09.676Z,0
CVE-2023-47198,https://securityvulnerability.io/vulnerability/CVE-2023-47198,Origin Validation Vulnerability in Trend Micro Apex One Security Agent,"An origin validation issue has been identified in the Trend Micro Apex One security agent, which could potentially allow a local attacker to escalate privileges on systems running vulnerable installations. To exploit this vulnerability, an attacker must first gain the ability to execute low-privileged code on the target system. This provides a pathway for further malicious activities, highlighting the importance of timely updates and patches to secure affected deployments.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One as a Service",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-01-23T20:37:56.639Z,0
CVE-2023-47197,https://securityvulnerability.io/vulnerability/CVE-2023-47197,Origin Validation Vulnerability in Trend Micro Apex One Security Agent,"An origin validation vulnerability exists within the Trend Micro Apex One security agent that can be exploited by local attackers. This flaw enables unauthorized privilege escalation on compromised installations. For successful exploitation, the attacker must first gain the ability to execute low-privileged code on the affected system. This vulnerability bears resemblance to another identified issue but is distinct in its specifics, broadening the scope of potential local threats to users of the Apex One product.",Trend Micro,"Trend Micro Apex One,Trend Micro Apex One As A Service",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-01-23T20:37:43.898Z,0