COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-41179

CVE-2023-41179

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2023-09-21
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-41179
⚡ RCE ⌖ exploited in the wild shame 65/100 rceexploited-in-wild

Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access

Players implicated

Trend Micro Inc. · vendorApex One and Worry-Free Business Security · product

Description

Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.

Affected FedRAMP products 2 in the catalog

ProductProviderStatusMatch
Trend Micro Cloud One for Government Trend Micro Inc. In Process vendor-exact · 0.90
Trend Micro Vision One for Government Trend Micro Inc. In Process vendor-exact · 0.90