Volerion logoVolerion
Volerion logoVolerion

Trend Micro Apex One and Vision One Origin Validation Vulnerability Allowing Local Privilege Escalation

Vulnerability

A vulnerability allowing local privilege escalation has been identified in Trend Micro Apex One (both on-premise and as a service) and Vision One - Standard Endpoint Protection. This origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. However, an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a local attacker to gain elevated rights on the affected system.

Remediation

Users of Trend Micro Apex One (on-prem) should update to SP1 CP Build 18012 or SP1 Build 17079. For Trend Micro Apex One as a Service and Vision One - Standard Endpoint Protection, the latest Security Agent build 14.0.20731 should be applied.

Added: May 21, 2026, 2:24 PM
Updated: May 21, 2026, 2:24 PM

Vulnerability Rating

Custom Algorithm
spread
0.3
impact
10.0
exploitability
3.5
remediation
7.7
relevance
8.5
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.