Volerion logoVolerion
Volerion logoVolerion

Trend Micro Apex One and Vision One Origin Validation Vulnerability Allowing Local Privilege Escalation

Vulnerability

A vulnerability allowing local privilege escalation has been identified in the Trend Micro Apex One and Vision One Standard Endpoint Protection (SEP) products. This vulnerability arises from an origin validation error in the communication mechanism of the Apex One/SEP agent. An attacker with the ability to execute low-privileged code on the target system could exploit this vulnerability to escalate privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a local attacker to gain elevated rights on the affected system.

Remediation

Users of Trend Micro Apex One (on-prem) should update to SP1 CP Build 18012 or SP1 Build 17079. For Trend Micro Apex One as a Service and Vision One - Standard Endpoint Protection (SEP) users, the Security Agent build 14.0.20731 is available. Customers are encouraged to visit the Trend Micro Download Center to obtain the latest versions.

Added: May 21, 2026, 2:21 PM
Updated: May 21, 2026, 2:21 PM

Vulnerability Rating

Custom Algorithm
spread
0.3
impact
10.0
exploitability
3.5
remediation
7.7
relevance
8.5
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.