Security News > 2022 > April > Trend Micro fixes actively exploited remote code execution bug

Trend Micro fixes actively exploited remote code execution bug
2022-04-01 16:58

Japanese cybersecurity software firm Trend Micro has patched a high severity security flaw in the Apex Central product management console that can let attackers execute arbitrary code remotely.

Apex Central is a web-based management console that helps system admins manage Trend Micro products and services throughout the network.

On Thursday, Trend Micro said it observed attempts to exploit the vulnerability in the wild as part of an ongoing attack.

On Thursday, following Trend Micro's disclosure, the Cybersecurity and Infrastructure Security Agency ordered federal civilian agencies to patch the actively exploited Apex Central bug within the next three weeks, until April 21, 2022.

The cybersecurity agency also urged private and public sector organizations in the US to prioritize patching this actively exploited bug to decrease their networks' exposure to ongoing attacks.

CISA added the Trend Micro flaw to its Known Exploited Vulnerabilities Catalog, a list of security bugs exploited in the wild, with seven others, including a critical Sophos firewall bug.


News URL

https://www.bleepingcomputer.com/news/security/trend-micro-fixes-actively-exploited-remote-code-execution-bug/