Rewterz Threat Advisory – CVE-2022-45797 – Trend Micro Apex One and Trend Micro Apex One Vulnerability

Rewterz Threat Alert – SmokeLoader Malware – Active IOCs

December 5, 2022

Rewterz Threat Alert – GandCrab Ransomware – Active IOCs

December 6, 2022

Rewterz Threat Advisory – CVE-2022-45797 – Trend Micro Apex One and Trend Micro Apex One Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-45797

Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local authenticated attacker to delete arbitrary files, caused by improper validation of user requests by the Damage Cleanup Engine component. An attacker could exploit this vulnerability to delete arbitrary files on the system with elevated privileges on the system.

Impact

File Manipulation

Indicators Of Compromise

CVE

CVE-2022-45797

Affected Vendors

Trend Micro

Affected Products

Trend Micro Apex One On Premise (2019)
Trend Micro Apex One SaaS

Remediation

Refer to Trend Micro Security for patch, upgrade or suggested workaround information.

Trend Micro Security

Rewterz Threat Alert – SmokeLoader Malware – Active IOCs

Rewterz Threat Alert – GandCrab Ransomware – Active IOCs

Rewterz Threat Advisory – CVE-2022-45797 – Trend Micro Apex One and Trend Micro Apex One Vulnerability

Severity

Analysis Summary

CVE-2022-45797

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan