CVE-2024-58105

High CVSS: 7.3

A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations.

This CVE address an addtional bypass not covered in CVE-2024-58104.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Vendor

Trendmicro

Product

Apex One

CWE

CWE-286

Yayın Tarihi

2025-03-25 18:15:34

Güncelleme

2025-08-01 15:23:01

Source Identifier

security@trendmicro.com

KEV Date Added

Kategoriler

CWE-286 Apex One HIGH Trendmicro 2025

Referanslar

https://success.trendmicro.com/en-US/solution/KA-0018217

Benzer Kayıtlar

High

CVE-2025-69259

A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create…

High

CVE-2025-69260

A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-…

Critical

CVE-2025-69258

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an atta…

Critical

CVE-2025-54987

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker…

Critical

CVE-2025-54948

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker…

High

CVE-2025-53378

A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services (WFBSS) agent could have all…