Vulnerabilities > Trendmicro > Apex ONE > 14.0.10349
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-23 | CVE-2023-47200 | Origin Validation Error vulnerability in Trendmicro Apex ONE A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47201. | 7.8 |
| 2024-01-23 | CVE-2023-47201 | Unspecified vulnerability in Trendmicro Apex ONE A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47200. | 7.8 |
| 2024-01-23 | CVE-2023-47202 | Unspecified vulnerability in Trendmicro Apex ONE A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
| 2024-01-23 | CVE-2023-52090 | Link Following vulnerability in Trendmicro Apex ONE A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
| 2024-01-23 | CVE-2023-52091 | Link Following vulnerability in Trendmicro Apex ONE An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
| 2024-01-23 | CVE-2023-52092 | Link Following vulnerability in Trendmicro Apex ONE A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
| 2024-01-23 | CVE-2023-52093 | Unspecified vulnerability in Trendmicro Apex ONE An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
| 2024-01-23 | CVE-2023-52094 | Link Following vulnerability in Trendmicro Apex ONE An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 |
| 2024-01-23 | CVE-2023-52330 | Cross-site Scripting vulnerability in Trendmicro Apex ONE A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to execute arbitrary code on affected installations of Trend Micro Apex Central. Please note: user interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | 6.1 |
| 2023-06-26 | CVE-2023-30902 | Unspecified vulnerability in Trendmicro Apex ONE 14.0.10349/2019 A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations. | 5.5 |