Rewterz

Multiple Trend Micro Apex Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-37289 CVSS:7.8

Trend Micro Apex One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apex One Security Agent. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.

CVE-2024-36303 CVSS:7.8

Trend Micro Apex One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apex One NT RealTime Scan service. By sending specially crafted commands, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.

CVE-2024-36302 CVSS:7.8

Trend Micro Apex One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apex One NT Listener service. By sending specially crafted commands, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.

Impact

  • Privilege Escalation

Indicators of Compromise

CVE

  • CVE-2024-37289
  • CVE-2024-36303
  • CVE-2024-36302

Affected Vendors

Trend Micro

Affected Products

  • Trend Micro Apex One On Premise (2019)
  • Trend Micro Apex One as a Service

Remediation

Refer to Trend Micro Security Advisory for patch, upgrade or suggested workaround information.

Trend Micro Security Advisory
