Vulnerabilities > Trendmicro > Apex ONE > 2019
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-10 | CVE-2022-41748 | Incorrect Default Permissions vulnerability in Trendmicro Apex ONE 2019 A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP) module could allow a local attacker with administrative credentials to bypass certain elements of the product's anti-tampering mechanisms on affected installations. | 6.7 |
| 2022-10-10 | CVE-2022-41749 | Origin Validation Error vulnerability in Trendmicro Apex ONE 2019 An origin validation error vulnerability in Trend Micro Apex One agents could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2022-09-19 | CVE-2022-40139 | Unspecified vulnerability in Trendmicro Apex ONE 2019 Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution. | 7.2 |
| 2022-09-19 | CVE-2022-40140 | Origin Validation Error vulnerability in Trendmicro Apex ONE 2019 An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to cause a denial-of-service on affected installations. | 5.5 |
| 2022-09-19 | CVE-2022-40141 | Unspecified vulnerability in Trendmicro Apex ONE 2019 A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to intercept and decode certain communication strings that may contain some identification attributes of a particular Apex One server. | 7.5 |
| 2022-09-19 | CVE-2022-40142 | Improper Privilege Management vulnerability in Trendmicro Apex ONE 2019 A security link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service agents could allow a local attacker to create a writable folder in an arbitrary location and escalate privileges on affected installations. | 7.8 |
| 2022-09-19 | CVE-2022-40143 | Link Following vulnerability in Trendmicro Apex ONE 2019 A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service servers could allow a local attacker to abuse an insecure directory that could allow a low-privileged user to run arbitrary code with elevated privileges. | 7.3 |
| 2022-09-19 | CVE-2022-40144 | Improper Authentication vulnerability in Trendmicro Apex ONE 2019 A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the product's login authentication by falsifying request parameters on affected installations. | 9.8 |
| 2022-07-30 | CVE-2022-36336 | Link Following vulnerability in Trendmicro products A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2022-05-27 | CVE-2022-30700 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Apex ONE 2019 An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. | 7.8 |