CVE-2022-41748
First published: Mon Oct 10 2022(Updated: )
A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP) module could allow a local attacker with administrative credentials to bypass certain elements of the product's anti-tampering mechanisms on affected installations. Please note: an attacker must first obtain administrative credentials on the target system in order to exploit this vulnerability.
Credit: security@trendmicro.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trendmicro Apex One | ||
| Trendmicro Apex One | =2019 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-41748.
What is the affected software?
The affected software includes Trend Micro Apex One and Worry-Free Business Security versions 2019 and saas.
What is the severity of CVE-2022-41748?
The severity of CVE-2022-41748 is medium with a CVSS score of 6.7.
How can a local attacker exploit this vulnerability?
A local attacker with administrative credentials can exploit this vulnerability to bypass certain elements of the product's anti-tampering mechanisms.
Is Microsoft Windows affected by this vulnerability?
No, Microsoft Windows is not vulnerable to CVE-2022-41748.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/remedy
- agent/weakness
- agent/references
- agent/author
- agent/tags
- agent/description
- agent/softwarecombine
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/trendmicro
- canonical/trendmicro apex one
- version/trendmicro apex one/2019
- vendor/microsoft
- canonical/microsoft windows