Attackers can exploit several security vulnerabilities in Trend Micro Apex One and security updates are now available.

Apex One and Apex One as a Service from Trend Micro are vulnerable under Windows. The security solution is actually supposed to protect computers, but now attackers can target six vulnerabilities and attack systems.

To carry out attacks, attackers must be able to access PCs physically or remotely and be able to execute code with low user rights. If these conditions are met, attackers can gain higher user rights. There are currently no detailed details on how such attacks work. It is also unknown whether attacks have already taken place and how administrators can identify attacked computers.

Updates are recommended

In the according security bulletin, the developers list the patched versions Apex One SP1 build 13140 and Apex One as a Service December 2024 Monthly Maintenance (202412) Agent version 14.0.14203. The security vulnerabilities closed in them (CVE-2024-52048, CVE-2024-52049, CVE-2024-52050, CVE-2024-55631, CVE-2024-55632, CVE-2024-55917) are classified with a threat level of high.

Details summary

Updates Release Date: December 16, 2024 CVE Identifiers: CVE-2024-52048, CVE-2024-52049, CVE-2024-52050, CVE-2024-55631, CVE-2024-55632, CVE-2024-55917 Platform: Windows CVSS 3.0 Score(s): 7.8 Weakness ID(s): CWE-266 (x2), CWE-59, CWE-269 (x2), CWE-346 Severity Rating(s): HIGH

Trend Micro has released new builds for Trend Micro Apex One and Apex One as a Service that resolve multiple vulnerabilities.

Vulnerability details can be found here.