First published: Thu Dec 01 2022(Updated: )
An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Apex One | ||
Trendmicro Apex One | =2019 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2022-45797.
The severity of CVE-2022-45797 is high with a CVSS score of 7.1.
Trend Micro Apex One and Trend Micro Apex One as a Service are affected by CVE-2022-45797.
An attacker must first obtain the ability to execute arbitrary code on an affected installation to exploit CVE-2022-45797.
Yes, Trend Micro has provided a solution for CVE-2022-45797. Please refer to the reference link for more details.