Rewterz Threat Advisory – CVE-2023-41179 – Trend Micro Endpoint Security Products Vulnerability

Rewterz Threat Alert – Lumma Stealer Malware aka LummaC – Active IOCs

September 18, 2023

Rewterz Threat Advisory – CVE-2023-42503 – Apache Commons Compress Vulnerability

September 19, 2023

Rewterz Threat Advisory – CVE-2023-41179 – Trend Micro Endpoint Security Products Vulnerability

Severity

High

Analysis Summary

CVE-2023-41179

Trend Micro Endpoint could allow a remote authenticated attacker to execute arbitrary code on the system, caused by code injection vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Code Execution

Indicators Of Compromise

CVE

CVE-2023-41179

Affected Vendors

Trend Micro

Affected Products

Trend Micro Apex One 2019
Trend Micro Worry-Free Business Security 10.0 SP1
Trend Micro Apex One SaaS
Trend Micro Worry-Free Business Security Services SaaS

Remediation

Refer to the TrendMicro Website for patch, upgrade or suggested workaround information.

Trend Micro Website

Rewterz Threat Alert – Lumma Stealer Malware aka LummaC – Active IOCs

Rewterz Threat Advisory – CVE-2023-42503 – Apache Commons Compress Vulnerability

Rewterz Threat Advisory – CVE-2023-41179 – Trend Micro Endpoint Security Products Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan