Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in the Trend Micro Apex One management console. This issue arises from improper validation of user-supplied input, which can be exploited to execute arbitrary commands on the affected system. The vulnerability is present in Apex One 2019 (On-prem) for Windows and in the SaaS version of Apex One as a Service, as well as Trend Vision One Endpoint - Standard Endpoint Protection. The vulnerability has been addressed in the latest Critical Patch for Apex One and the Security Agent Build 14.0.20315 for the SaaS version.

Impact

Exploitation of this vulnerability allows remote attackers to execute arbitrary code on the affected system, with the executed code running in the context of the IUSR account.

Remediation

Users of Trend Micro Apex One should apply the Critical Patch Build 14136, available through the Trend Micro Download Center. For the SaaS version, the latest Security Agent Build 14.0.20315 should be applied.

Added: May 21, 2026, 2:35 PM
Updated: May 21, 2026, 2:35 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 7.5
exploitability: 7.2
remediation: 7.9
relevance: 8.5
threat: 0.0
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.