Rewterz Threat Advisory – Multiple Trend Micro Apex One Zero Day Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-44650 CVSS:7
The specific flaw exists within the Unauthorized Change Prevention Service. A crafted request can trigger a write past the end of an allocated data structure. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

CVE-2022-44647 CVSS:4.4
The specific flaw exists within the User Mode Hooking Monitor Engine. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM.

CVE-2022-44648 CVSS:4.4
The specific flaw exists within the User Mode Hooking Monitor Engine. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM.

CVE-2022-44649 CVSS:7
The specific flaw exists within the Unauthorized Change Prevention Service. A crafted request can trigger a write past the end of an allocated data structure. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

CVE-2022-44651 CVSS:7.8
The specific flaw exists within the Apex One Client Plug-in Service Manager. The issue results from the lack of proper locking when performing operations on a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

CVE-2022-44652 CVSS:7.8
The specific flaw exists within the installer. The issue results from the lack of proper error handling when accessing files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

CVE-2022-44653 CVSS:7.8
The specific flaw exists within the Apex One Client Plug-in Service Manager. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

Impact

  • Privilege Escalation
  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2022-44650
  • CVE-2022-44647
  • CVE-2022-44648
  • CVE-2022-44649
  • CVE-2022-44651
  • CVE-2022-44652
  • CVE-2022-44653

Affected Vendors

Trend Micro

Affected Products

  • Trend Micro Apex One

Remediation

Refer to the Trend Micro Security Advisory for patch, upgrade, or suggested workaround information.