← Zuruck zu CVEs
CVE-2023-41179
HIGHCISA KEV7.2
Beschreibung
A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.
CVE Details
CVSS v3.1 Bewertung7.2
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht9/19/2023
Zuletzt geandert10/31/2025
Quellekev
Honeypot-Sichtungen0
CISA KEV
HerstellerTrend Micro
ProduktApex One and Worry-Free Business Security
SchwachstellennameTrend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability
KEV Aufnahmedatum2023-09-21
Behebungsfrist2023-10-12
Ransomware-NutzungUnknown
Betroffene Produkte
microsoft:windowstrendmicro:apex_onetrendmicro:worry-free_business_securitytrendmicro:worry-free_business_security_services
Schwachen (CWE)
CWE-94CWE-94
Referenzen
https://jvn.jp/en/vu/JVNVU90967486/(security@trendmicro.com)
https://success.trendmicro.com/jp/solution/000294706(security@trendmicro.com)
https://success.trendmicro.com/solution/000294994(security@trendmicro.com)
https://jvn.jp/en/vu/JVNVU90967486/(af854a3a-2127-422b-91ae-364da2661108)
https://success.trendmicro.com/jp/solution/000294706(af854a3a-2127-422b-91ae-364da2661108)
https://success.trendmicro.com/solution/000294994(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41179(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.