CVE-2022-41747

Summary

An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Trend MicroTrend Micro Apex One2019 (on-prem) and SaaSaffected

Weaknesses

  • Improper Certification Validation

ADP Enrichment

CVE Program Container

Additional References

References