Trend Micro Apex One Link Following Local Privilege Escalation Vulnerability

A local privilege escalation vulnerability has been identified in the Trend Micro Apex One scan engine. This vulnerability allows a local attacker to escalate privileges on affected installations by exploiting a link following flaw within the Virus Scan Engine. An attacker must first have the ability to execute low-privileged code on the target system to exploit this issue. The vulnerability exists in Trend Micro Apex One 2019 (On-prem) for Windows, as well as in Apex One as a Service and Trend Vision One Endpoint - Standard Endpoint Protection, both on Windows.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a local attacker to execute arbitrary code with SYSTEM privileges on the affected machine.

Remediation

Trend Micro has released a Critical Patch for Apex One 2019 (On-prem) users, available for download from the Trend Micro Download Center. For Apex One as a Service and Trend Vision One Endpoint - Standard Endpoint Protection users, the update has been applied automatically.