Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-40139

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-40139

Description:
Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution. Please note: an attacker must first obtain Apex One server administration console access in order to exploit this vulnerability.
Last updated date:
09/21/2022

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
09/13/2022
Reference url to background

https://success.trendmicro.com/dcx/s/solution/000291528?language=en_US

Type:
exploitation
Confidence:
HIGH
Date of publishing:
09/15/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2022

Privacy Policy