Trend Micro Addresses Zero-Day Flaws Exploited in the Wild

Threat Advisories

Trend Micro Addresses Zero-Day Flaws Exploited in the Wild

September 21, 2023
Threat Level
Red
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

A critical zero-day vulnerability, tracked as CVE-2023-41179, has been identified in the third-party AV uninstaller module contained in Trend Micro Apex One, Worry-Free Business Security, and Worry-Free Business Security Services. This vulnerability has the potential to allow an attacker to manipulate the module and execute arbitrary commands on an affected installation. This is a serious security issue that can lead to unauthorized code execution with system privileges on deployed agents.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Recent Posts

Join Our Newsletter 14,000+ subscribers and growing! Get top cybersecurity news delivered directly to your inbox.
Sign Up to Receive Our Weekly Threat Digest