vulnerability

Trend Micro Apex One: CVE-2023-41179: Improper Control of Generation of Code

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:M/C:C/I:C/A:C)	Sep 19, 2023	Mar 21, 2025	Mar 24, 2025

Severity

CVSS

(AV:N/AC:L/Au:M/C:C/I:C/A:C)

Published

Sep 19, 2023

Added

Mar 21, 2025

Modified

Mar 24, 2025

Description

A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.
Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.

Solution

trend-micro-apex-one-upgrade-latest

References

CVE-2023-41179
https://attackerkb.com/topics/CVE-2023-41179
URL-https://success.trendmicro.com/en-US/solution/KA-0015332

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today