CVE-2023-41179
Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
4.7%
p91
KEV
YES
Sep 21, 2023
Exploit Today
77
0-100
Published: — · Last modified: —
Product
Trend Micro / Apex One and Worry-Free Business Security
Vulnerability
Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability
Added to KEV
Sep 21, 2023
Remediate by
Oct 12, 2023
Known ransomware use
No
Summary description
Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://success.trendmicro.com/dcx/s/solution/000294994?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2023-41179
No related CVEs by CWE or product.