Lucene search
HistoryJun 26, 2023 - 10:15 p.m.
CVE-2023-30902
vulnerability
privilege escalation
trend micro
apex one
apex one as a service
local attacker
registry keys
unintentional deletion
affected installations
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0
Percentile
5.1%
A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations.
Affected configurations
Node
microsoftwindowsMatch-
trendmicroapex_oneRange<14.0.12105saas
ORtrendmicroapex_oneMatch2019
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
| trendmicro | apex_one | * | cpe:2.3:a:trendmicro:apex_one:*:*:*:*:saas:*:*:* |
| trendmicro | apex_one | 2019 | cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:* |
Related
prion
prion
Privilege escalation
2023-06-26 22:15:00
cvelist
cvelist
CVE-2023-30902
2023-06-26 21:52:39
cve
cve
CVE-2023-30902
2023-06-26 22:15:09
cnvd
cnvd
Trend Micro Apex One elevation of privilege vulnerability (CNVD-2023-65424)
2023-06-29 00:00:00
nessus
nessus
Trend Micro Apex One Multiple Vulnerabilities (000293108)
2023-06-01 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2023-30902