CVE-2022-40139

CVSS 7.2 HIGHEPSS 2.9%● KEV

Vexday Risk Score

51Attention

SSVC decision (CISA)

Act

Exploitation + impact → act immediately

CVSS 7.2EPSS 2.9%KEV simPoC —Nuclei —Metasploit —Patch —

Lifecycle

15 Sep 2022Active exploitation (CISA KEV)

19 Sep 2022Published on NVD

Recommendation: Patch as soon as possible — active exploitation confirmed.

In short

Trend Micro Apex One's rollback feature doesn't properly verify downloaded packages, allowing a server administrator with compromised credentials to trick client computers into installing malicious software that could take over the system.

Technical detail

The rollback mechanism in Apex One clients lacks proper validation of package integrity and authenticity, allowing an authenticated server administrator to deliver unsigned or modified packages via the admin console. This can result in remote code execution on affected client endpoints without user interaction.

Summary generated and translated by AI from the official description.

Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution. Please note: an attacker must first obtain Apex One server administration console access in order to exploit this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Trend Micro · Trend Micro Apex One

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://success.trendmicro.com/solution/000291528 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-40139