First published: Fri Mar 17 2023(Updated: )
This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro TXOne StellarOne. Authentication is required to exploit this vulnerability. The specific flaw exists within the Account endpoint. The issue results from the lack of proper access control. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Txone Stellarone | <2.0.1160 | |
Linux Linux kernel | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-25069 is an improper access control privilege escalation vulnerability in Trend Micro TXOne StellarOne.
CVE-2023-25069 has a severity value of 8.8 (high).
CVE-2023-25069 affects all versions of Trend Micro TXOne StellarOne before V2.0.1160.
A falsely authenticated user can exploit CVE-2023-25069 to escalate their privileges to administrator level.
You can find more information about CVE-2023-25069 at the following links: [link1](https://success.trendmicro.com/solution/000292486), [link2](https://www.zerodayinitiative.com/advisories/ZDI-23-231/).