← Retour aux CVEs
CVE-2023-41179
HIGHCISA KEV7.2
Description
A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.
Details CVE
Score CVSS v3.17.2
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisHIGH
Interaction utilisateurNONE
Publie9/19/2023
Derniere modification10/31/2025
Sourcekev
Observations honeypot0
CISA KEV
FournisseurTrend Micro
ProduitApex One and Worry-Free Business Security
Nom vulnerabiliteTrend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability
Date ajout KEV2023-09-21
Date limite remediation2023-10-12
Utilise dans ransomwareUnknown
Produits affectes
microsoft:windowstrendmicro:apex_onetrendmicro:worry-free_business_securitytrendmicro:worry-free_business_security_services
Faiblesses (CWE)
CWE-94CWE-94
References
https://jvn.jp/en/vu/JVNVU90967486/(security@trendmicro.com)
https://success.trendmicro.com/jp/solution/000294706(security@trendmicro.com)
https://success.trendmicro.com/solution/000294994(security@trendmicro.com)
https://jvn.jp/en/vu/JVNVU90967486/(af854a3a-2127-422b-91ae-364da2661108)
https://success.trendmicro.com/jp/solution/000294706(af854a3a-2127-422b-91ae-364da2661108)
https://success.trendmicro.com/solution/000294994(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41179(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.