Analysis Summary

CVE-2024-36307 CVSS:4.7

Trend Micro Apex One could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the VsApiNT module. By using a specially crafted symlink, an attacker could exploit this vulnerability to obtain sensitive information in the context of SYSTEM, and use this information to launch further attacks against the affected system.

CVE-2024-36305 CVSS:6.1

Trend Micro Apex One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apex One NT RealTime Scan service. By sending specially crafted commands, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.

CVE-2024-36304 CVSS:6.1

Trend Micro Apex One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apex One NT RealTime Scan service. By sending specially crafted commands, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.

CVE-2024-36306 CVSS:6.1

Trend Micro Apex One is vulnerable to a denial of service, caused by a flaw in the Damage Cleanup Engine. By using a specially crafted symlink, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.

Impact

• Privilege Escalation
• Information Disclosure
• Denial of Service

Indicators of Compromise

CVE

• CVE-2024-36307
• CVE-2024-36305
• CVE-2024-36304
• CVE-2024-36306

Affected Vendors

Remediation

Refer to Trend Micro Security Advisory for patch, upgrade or suggested workaround information.

Trend Micro Security Advisory