Actively exploited vulnerability affects Trend Micro Apex Central

Threat Level – Amber | Vulnerability Report
Download PDF


For a detailed advisory, download the pdf file here

Trend Micro Apex Central (on-premise and as a Service) has a zero-day vulnerability. This arbitrary file upload vulnerability if successfully exploited, could allow an unauthenticated remote attacker to upload any file, resulting in remote code execution. Organizations are advised to upgrade their Apex Central to the latest version available.

Potential MITRE ATT&CK TTPs are:

TA0042: Resource Development

TA0001: Initial Access

TA0002: Execution

T1588: Obtain Capabilities

T1588.006: Obtain Capabilities: Vulnerabilities

T1190: Exploit Public-Facing Application

T1059: Command and Scripting Interpreter

Vulnerability Details

Patch Links


What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox