CVE-2022-45797
First published: Thu Dec 01 2022(Updated: )
An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Credit: security@trendmicro.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trendmicro Apex One | ||
| Trendmicro Apex One | =2019 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-45797.
What is the severity of CVE-2022-45797?
The severity of CVE-2022-45797 is high with a CVSS score of 7.1.
Which software products are affected by CVE-2022-45797?
Trend Micro Apex One and Trend Micro Apex One as a Service are affected by CVE-2022-45797.
How can an attacker exploit CVE-2022-45797?
An attacker must first obtain the ability to execute arbitrary code on an affected installation to exploit CVE-2022-45797.
Is there a fix available for CVE-2022-45797?
Yes, Trend Micro has provided a solution for CVE-2022-45797. Please refer to the reference link for more details.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/description
- agent/softwarecombine
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/trendmicro
- canonical/trendmicro apex one
- version/trendmicro apex one/2019
- vendor/microsoft
- canonical/microsoft windows