Trend Micro on Tuesday released an advisory to warn customers that a critical vulnerability affecting Apex One and other endpoint security products has been exploited in the wild.
The zero-day flaw, tracked as CVE-2023-41179, impacts Apex One, Apex One SaaS, and Worry-Free Business Security products.
The vulnerability, related to the products’ ability to uninstall third-party security software, can be exploited for arbitrary code execution.
“To exploit this vulnerability, an attacker would need to be able to log into the product’s administrative console. Because an attacker would need to have stolen the product’s management console authentication information in advance, they would not be able to infiltrate the target network using this vulnerability alone,” Trend Micro noted in a Japanese-language advisory.
It added, “Trend Micro has confirmed that this vulnerability has been used in actual attacks. We recommend updating to the latest version as soon as possible.”
Patches have been released for each of the impacted products.
Trend Micro typically does not share information about the attacks exploiting vulnerabilities found in its products.
However, there have been a few instances where some information has come to light, including attribution to Chinese threat actors and the possible exploitation of a flaw in an attack targeting Mitsubishi Electric.
Several Trend Micro product vulnerabilities have been exploited in attacks in the past few years. CISA currently lists nine such flaws in its Known Exploited Vulnerabilities Catalog. The latest zero-day has yet to be added.

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
