Improper Access Control Vulnerability in Trend Micro Apex One Agent Allows Local Privilege Escalation and Arbitrary Directory Creation

Improper Access Control Vulnerability in Trend Micro Apex One Agent Allows Local Privilege Escalation and Arbitrary Directory Creation

CVE-2023-25144 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and create arbitrary directories with arbitrary ownership.

Learn more about our Web Application Penetration Testing UK.