← Voltar para CVEs
CVE-2023-41179
HIGHCISA KEV7.2
Descricao
A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.
Detalhes CVE
Pontuacao CVSS v3.17.2
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosHIGH
Interacao do usuarioNONE
Publicado9/19/2023
Ultima modificacao10/31/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorTrend Micro
ProdutoApex One and Worry-Free Business Security
Nome da vulnerabilidadeTrend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability
Data inclusao KEV2023-09-21
Prazo de remediacao2023-10-12
Uso em ransomwareUnknown
Produtos afetados
microsoft:windowstrendmicro:apex_onetrendmicro:worry-free_business_securitytrendmicro:worry-free_business_security_services
Fraquezas (CWE)
CWE-94CWE-94
Referencias
https://jvn.jp/en/vu/JVNVU90967486/(security@trendmicro.com)
https://success.trendmicro.com/jp/solution/000294706(security@trendmicro.com)
https://success.trendmicro.com/solution/000294994(security@trendmicro.com)
https://jvn.jp/en/vu/JVNVU90967486/(af854a3a-2127-422b-91ae-364da2661108)
https://success.trendmicro.com/jp/solution/000294706(af854a3a-2127-422b-91ae-364da2661108)
https://success.trendmicro.com/solution/000294994(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-41179(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.