CVE-2022-24679

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder in an arbitrary location and escalate privileges affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:trendmicro:apex_one:-:*:*:*:saas:*:*:*
cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*
cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1:*:*:*:*:*:*
cpe:2.3:a:trendmicro:worry-free_business_security_services:-:*:*:*:saas:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Information

Published : 2022-02-23 19:15

Updated : 2022-03-03 06:13


NVD link : CVE-2022-24679

Mitre link : CVE-2022-24679


JSON object : View

CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')

Advertisement

dedicated server usa

Products Affected

trendmicro

  • apex_one
  • worry-free_business_security_services
  • worry-free_business_security

microsoft

  • windows