Trend Micro Incorporated recently discovered a critical zero-day vulnerability, known as CVE-2023-41179 [1] [5], in its corporate endpoint security products [4]. This vulnerability poses a risk of unauthorized access, allowing attackers to execute arbitrary code on managed devices [4].

Description

The affected products include Trend Micro Apex One [1], Apex One SaaS [1] [2] [3] [4] [5] [6], Virus Buster Business Security (VBBS) [4], and VBBS Service [4]. To exploit this vulnerability [3] [5], an attacker would need to log into the administrative console [5]. The attacker can then execute arbitrary code with system privileges on any device where an agent is installed [4]. The vulnerability is rated critical, with a CVSSv3.0 base score of 9.1 [4].

Trend Micro has promptly responded by releasing patches to address the vulnerability in Apex One and VBBS. Updates for Apex One SaaS and VBBS were already provided in July [4]. It is crucial for users to update to the latest builds as soon as possible, as exploitation has already been confirmed [4]. In addition to applying these patches, it is recommended to implement workarounds such as restricting access to the management console to trusted networks.

Conclusion

This incident highlights the importance of regular software updates and vigilance in cybersecurity [2]. Users are urged to take prompt action and apply these updates and patches to mitigate the risk of exploitation. The JPCERT Coordination Center has also issued a warning in response to Trend Micro’s announcement [4]. It is essential for organizations to prioritize security measures and stay proactive in protecting against potential threats in the future.

References

[1] https://securityonline.info/cve-2023-41179-critical-0-day-trend-micro-endpoint-security-vulnerability/
[2] https://cybersecurity-see.com/trend-micro-fixes-endpoint-vulnerability-with-zero-day-patch/
[3] https://jvn.jp/en/vu/JVNVU90967486/
[4] https://www.security-next.com/149557
[5] https://vulnera.com/newswire/trend-micro-fixes-zero-day-vulnerability-under-attack-in-endpoint-security-products/
[6] https://www.darkreading.com/endpoint/trend-micro-patches-zero-day-endpoint-vulnerability