vulnerability
Trend Micro Apex Central: CVE-2022-26871: Insufficient Verification of Data Authenticity
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Mar 31, 2022 | Apr 29, 2025 | Jul 3, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Mar 31, 2022
Added
Apr 29, 2025
Modified
Jul 3, 2025
Description
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Solution
trend-micro-apex-central-upgrade-latest
References
- CWE-345
- CVE-2022-26871
- https://attackerkb.com/topics/CVE-2022-26871
- URL-https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435
- URL-https://jvn.jp/vu/JVNVU99107357
- URL-https://success.trendmicro.com/jp/solution/000290660
- URL-https://success.trendmicro.com/solution/000290678
- URL-https://www.jpcert.or.jp/english/at/2022/at220008.html
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.