Trend Micro Apex One Security Agent Uncontrolled Search Path Local Privilege Escalation Vulnerability

Vulnerability

A local privilege escalation vulnerability has been identified in the Trend Micro Apex One Security Agent. This uncontrolled search path vulnerability allows local attackers to escalate privileges on affected installations. Exploitation requires the ability to execute low-privileged code on the target system. The vulnerability arises because the product uninstaller executes a program from an unsecured location, which an attacker can exploit to gain elevated privileges and execute arbitrary code with SYSTEM rights.

Impact

Exploitation of this vulnerability allows local attackers to escalate privileges, executing arbitrary code in the context of the SYSTEM user.

Remediation

Trend Micro has released a patch for this vulnerability. Affected users can update to the latest version available through the Trend Micro Download Center.

Added: Jun 17, 2025, 7:22 PM
Updated: Jun 17, 2025, 9:05 PM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 7.5
exploitability: 3.5
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.