CVE-2022-40139
Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability
CVSS
—
No CVSS
EPSS
3.1%
p86
KEV
YES
Sep 15, 2022
Exploit Today
76
0-100
Published: — · Last modified: —
Product
Trend Micro / Apex One and Apex One as a Service
Vulnerability
Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability
Added to KEV
Sep 15, 2022
Remediate by
Oct 6, 2022
Known ransomware use
No
Summary description
Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.
Required action
Apply updates per vendor instructions.
Notes
https://success.trendmicro.com/dcx/s/solution/000291528?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2022-40139
No related CVEs by CWE or product.