https://success.trendmicro.com/solution/000296151 <br/></td> CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"/>https://success.trendmicro.com/solution/000296151 <br/></td> CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"/>
Improper Link Resolution Before File Access ('Link Following') (CWE-59)
This vulnerability affects the Trend Micro Apex One Security Agent, specifically within the Anti-Spyware Engine running in the Apex One RealTime Scan service. It allows local attackers to escalate privileges on affected installations. The flaw involves the ability to abuse the service to delete a file by creating a junction.
Successful exploitation of this vulnerability can lead to privilege escalation, allowing an attacker to execute arbitrary code in the context of SYSTEM. This means an attacker could gain full control over the affected system, potentially compromising the confidentiality, integrity, and availability of data and resources. The CVSS v3 base score is 7.8 (High), with high impacts on confidentiality, integrity, and availability.
One proof-of-concept exploit is available on zerodayinitiative.com. There is no evidence of proof of exploitation at the moment.
A patch is available. Trend Micro has issued an update to correct this vulnerability. More details can be found at: https://success.trendmicro.com/solution/000296151
1. Apply the patch provided by Trend Micro as soon as possible. 2. Limit local access to systems running Trend Micro Apex One Security Agent to trusted users only. 3. Monitor for any suspicious activities or unauthorized privilege escalations on affected systems. 4. Implement the principle of least privilege to minimize the potential impact of successful exploits. 5. Keep the Trend Micro Apex One Security Agent and all related components up to date with the latest security patches.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Feedly found the first article mentioning CVE-2023-52091. See article
Feedly estimated the CVSS score as HIGH
NVD published the first details for CVE-2023-52091
Feedly estimated the CVSS score as MEDIUM
Detection for the vulnerability has been added to Qualys (379319)
EPSS Score was set to: 0.05% (Percentile: 12.6%)